The person at the center of this case
Volodymyr Viktorovych Tymoshchuk (alleged perpetrator)
Cold Case · Open
1 year waiting · since 2024
VOLODYMYR VIKTOROVYCH TYMOSHCHUK
Justice for Volodymyr Viktorovych Tymoshchuk (alleged perpetrator) — the trail went cold in 2024, but the truth hasn't.
Start here
Key leads to think about
🎯
suspect
Lead #1What is Tymoshchuk's current location given his known ties to Poland, Romania, Moldova, Türkiye, Russia, and Belarus?
🔍
evidence
Lead #2How were the three ransomware variants (LockerGoga, MegaCortex, Nefilim) technically connected and what distinguishes them?
💡
clue
Lead #3Which of the 250+ compromised U.S. companies yielded the most critical evidence linking Tymoshchuk to the conspiracy?
Volodymyr Viktorovych Tymoshchuk is an alleged ransomware administrator who, from December 2018 through October 2021, deployed LockerGoga, MegaCortex, and Nefilim ransomware variants to compromise hundreds of companies worldwide, including over 250 in the United States. A federal arrest warrant was issued on May 7, 2024, charging him with conspiracy to commit fraud, intentional damage to protected computers, unauthorized access, and extortion threats. Tymoshchuk remains at large with suspected ties to Eastern Europe and Russia, and the FBI is seeking information leading to his capture.
Case
#966
International - Multiple jurisdictions
Federal Bureau of Investigation (FBI); United States District Court, Eastern District of New York
Try asking
Claim this imported case
A one-time $10 claim transfers this imported case workspace to your account. You get 10 uploads for this case, 25 daily AI questions for this case, and public tips with files route to you.
10 uploads25 AI questions/day
This does not start a subscription. When the included limits are reached, the Personal plan unlocks more workspace capacity.
More leads to consider
Beyond the top three above — each detail below could be the thread that pulls this case open.
👤
person
Lead #4Who were Tymoshchuk's co-conspirators in the ransomware operation and have they been identified or apprehended?
Have information about any of these leads?
Even the smallest detail could be the key to solving this case.
Official wording
Source Narrative
Conspiracy to Commit Fraud and Related Activity in Connection with Computers; Intentional Damage to a Protected Computer; Unauthorized Access to a Protected Computer; Transmitting a Threat to Disclose Confidential Information Caution: Volodymyr Viktorovych Tymoshchuk is an alleged ransomware administrator of at least three different ransomware variants. From December of 2018, through October of 2021, Tymoshchuk and his co-conspirators allegedly deployed LockerGoga, MegaCortex, and Nefilim ransomware, which compromised the computer networks of hundreds of companies around the world, including more than 250 companies in the United States, in order to extort ransom payments from the victim companies.
On May 7, 2024, a federal arrest warrant was issued for Tymoshchuk in the United States District Court, Eastern District of New York, Brooklyn, New York, after he was charged with two counts of Conspiracy to Commit Fraud and Related Activity in Connection with Computers; multiple counts of Intentional Damage to a Protected Computer; Unauthorized Access to a Protected Computer; and Transmitting a Threat to Disclose Confidential Information. Remarks: Tymoshchuk has ties to Poland, Romania, Moldova, Türkiye, Russia, and Belarus.
Timeline of Events
📋
2018-12-01
Ransomware campaign begins
LockerGoga, MegaCortex, and Nefilim ransomware deployment begins targeting companies worldwide
📋
2021-10-31
Campaign period ends
Alleged ransomware operations conclude in October 2021
🕵️
2024-05-07
Federal arrest warrant issued
Warrant issued in United States District Court, Eastern District of New York, Brooklyn, New York for Tymoshchuk
Case Information
Incident:December 1, 2018
Last Updated:April 29, 2026
Up to $10,000,000 Reward
For information leading to the resolution of this case
Leave a comment
Comments
Case Information
Incident:December 1, 2018
Last Updated:April 29, 2026
Up to $10,000,000 Reward
For information leading to the resolution of this case