The person at the center of this case
Multiple computer systems and organizations targeted by BitPaymer ransomware
Cold Case · Open
3 years waiting · since 2023
ALEKSANDR RYZHENKOV
Justice for Multiple computer systems and organizations targeted by BitPaymer ransomware — the trail went cold in 2023, but the truth hasn't.
Start here
Key leads to think about
🎯
suspect
Lead #1What is the current location of Aleksandr Ryzhenkov and has he been apprehended since the March 2023 warrant?
🔍
evidence
Lead #2What specific organizations and individuals were targeted by BitPaymer ransomware attacks attributed to Ryzhenkov?
👤
person
Lead #3How deep is the operational relationship between Ryzhenkov and Maksim Yakubets (AQUA), and are there other associates in this cybercriminal network?
Aleksandr Ryzhenkov is wanted by the FBI for his alleged involvement in ransomware attacks using BitPaymer malware and money laundering schemes. Operating as a close associate of Russian cybercriminal Maksim Yakubets, Ryzhenkov deployed ransomware that left electronic ransom notes on victims' computers with payment instructions. A federal arrest warrant was issued on March 22, 2023, in the Northern District of Texas, and he is believed to be hiding in Russia, possibly Moscow.
Case
#799
FBI (Federal Bureau of Investigation), United States District Court, Northern District of Texas
Try asking
Claim this imported case
A one-time $10 claim transfers this imported case workspace to your account. You get 10 uploads for this case, 25 daily AI questions for this case, and public tips with files route to you.
10 uploads25 AI questions/day
This does not start a subscription. When the included limits are reached, the Personal plan unlocks more workspace capacity.
More leads to consider
Beyond the top three above — each detail below could be the thread that pulls this case open.
💡
clue
Lead #4What cryptocurrency wallets and email addresses were used in the ransom demands, and can they be traced to identify victims or payment patterns?
Have information about any of these leads?
Even the smallest detail could be the key to solving this case.
Official wording
Source Narrative
Conspiracy to Commit Fraud and Related Activity in Connection with Computers; Intentional Damage to a Protected Computer; Transmitting a Demand in Relation to Damaging a Protected Computer; Conspiracy to Commit Money Laundering Caution: Aleksandr Ryzhenkov is wanted for his alleged involvement in ransomware attacks and money laundering activities. It is alleged that, through the use and deployment of BitPaymer ransomware, Ryzhenkov left electronic notes in the form of a text file on victims’ computers.
The notes included email addresses for the victims and provided a virtual currency address to use to pay the ransom. Ryzhenkov is known to be a close associate of Maksim Yakubets , aka “AQUA”, an alleged Russian cyber criminal.
On March 22, 2023, a federal arrest warrant was issued for Ryzhenkov in the United States District Court, Northern District of Texas, Dallas, Texas, after he was charged with Conspiracy to Commit Fraud and Related Activity in Connection with Computers; Intentional Damage to a Protected Computer; Transmitting a Demand in Relation to Damaging a Protected Computer; and Conspiracy to Commit Money Laundering. Remarks: Ryzhenkov is believed to reside in Russia, possibly Moscow.
Timeline of Events
🕵️
2023-03-22
Federal Arrest Warrant Issued
A federal arrest warrant was issued for Aleksandr Ryzhenkov in the United States District Court, Northern District of Texas, Dallas, Texas, for conspiracy to commit fraud, intentional damage to protected computers, transmitting ransom demands, and conspiracy to commit money laundering.
Key Locations
Interactive map showing important locations related to this case
Case Information
Incident:March 22, 2023
Last Updated:May 12, 2026
Leave a comment
Comments
Case Information
Incident:March 22, 2023
Last Updated:May 12, 2026