The person at the center of this case
Volodymyr Viktorovych Tymoshchuk (subject/fugitive)
Justice for Volodymyr Viktorovych Tymoshchuk (subject/fugitive) — the trail went cold in 2024, but the truth hasn't.
Volodymyr Viktorovych Tymoshchuk is alleged to be a ransomware administrator who, between December 2018 and October 2021, deployed LockerGoga, MegaCortex, and Nefilim ransomware variants to compromise networks of over 250 U.S. companies and hundreds worldwide, extorting ransom payments. A federal arrest warrant was issued on May 7, 2024, in the Eastern District of New York for conspiracy to commit fraud, intentional damage to protected computers, unauthorized access, and transmitting threats to disclose confidential information. Tymoshchuk remains at large with suspected ties to Poland, Romania, Moldova, Türkiye, Russia, and Belarus, and a reward of up to $10,000,000 is being offered for information leading to his capture.
Official wording
Conspiracy to Commit Fraud and Related Activity in Connection with Computers; Intentional Damage to a Protected Computer; Unauthorized Access to a Protected Computer; Transmitting a Threat to Disclose Confidential Information
Caution: Volodymyr Viktorovych Tymoshchuk is an alleged ransomware administrator of at least three different ransomware variants. From December of 2018, through October of 2021, Tymoshchuk and his co-conspirators allegedly deployed LockerGoga, MegaCortex, and Nefilim ransomware, which compromised the computer networks of hundreds of companies around the world, including more than 250 companies in the United States, in order to extort ransom payments from the victim companies.
On May 7, 2024, a federal arrest warrant was issued for Tymoshchuk in the United States District Court, Eastern District of New York, Brooklyn, New York, after he was charged with two counts of Conspiracy to Commit Fraud and Related Activity in Connection with Computers; multiple counts of Intentional Damage to a Protected Computer; Unauthorized Access to a Protected Computer; and Transmitting a Threat to Disclose Confidential Information.
Remarks: Tymoshchuk has ties to Poland, Romania, Moldova, Türkiye, Russia, and Belarus.
Tymoshchuk and co-conspirators begin deploying LockerGoga ransomware
Ransomware deployment operations end in October 2021
Warrant issued in U.S. District Court, Eastern District of New York for conspiracy to commit fraud and related computer crimes
For information leading to the resolution of this case