Conti Ransomware Member Extradited from Ireland to US

First reported

31.10.2025 11:40

Last updated

03.11.2025 12:15

2 unique sources, 2 articles

Summary

Hide ▲

Oleksii Oleksiyovych Lytvynenko, a 43-year-old Ukrainian national, has been extradited from Ireland to the United States and appeared in a Tennessee court on charges related to the Conti ransomware operation. He is accused of conspiring to deploy Conti ransomware, extorting over $500,000 in cryptocurrency from victims in the Middle District of Tennessee, and publishing stolen information. The Conti ransomware operation has been linked to over 1,000 victims worldwide, with ransom payments exceeding $150 million as of January 2022. Lytvynenko faces charges that could lead to 25 years in prison, including 20 years for wire fraud conspiracy and 5 years for computer fraud conspiracy. He was arrested in July 2023 by Irish authorities and detained until his extradition. The Conti group, initially a ransomware operation, evolved into a larger cybercrime syndicate, controlling multiple malware operations. After shutting down, its members have infiltrated other cybercrime groups. The FBI estimates Conti's malware was used in more critical infrastructure attacks than any other ransomware variant.

Timeline

31.10.2025 11:40 2 articles · 10d ago

Ukrainian National Extradited to US for Conti Ransomware Charges
Lytvynenko appeared in a Tennessee court due to a 2023 indictment alleging his involvement in the Conti operation between 2020 and July 2022. He helped the Conti group extort over $500,000 in cryptocurrency from two victims in the Middle District of Tennessee and published information stolen from a third victim. The article also highlights the extensive reach of Conti ransomware, targeting over 1,000 corporate victims worldwide, impacting dozens of countries and nearly all US states. Conti ransomware attacks caused losses of at least $150 million, making it a significant national security threat. The FBI's Brett Leatherman highlighted the strength of US-Irish law enforcement partnership in countering cybercriminals threatening American infrastructure.
Show sources

Ukrainian extradited from Ireland on Conti ransomware charges — www.bleepingcomputer.com — 31.10.2025 11:40

Conti Suspect in Court After Extradition From Ireland — www.infosecurity-magazine.com — 03.11.2025 12:15
Open in new tab

Information Snippets

Oleksii Oleksiyovych Lytvynenko, a 43-year-old Ukrainian national, was extradited to the US from Ireland.
First reported: 31.10.2025 11:40

2 sources, 2 articles
Show sources
- Ukrainian extradited from Ireland on Conti ransomware charges — www.bleepingcomputer.com — 31.10.2025 11:40
- Conti Suspect in Court After Extradition From Ireland — www.infosecurity-magazine.com — 03.11.2025 12:15
Lytvynenko is accused of being part of the Conti ransomware operation, controlling stolen data and sending ransom notes.
First reported: 31.10.2025 11:40

2 sources, 2 articles
Show sources
- Ukrainian extradited from Ireland on Conti ransomware charges — www.bleepingcomputer.com — 31.10.2025 11:40
- Conti Suspect in Court After Extradition From Ireland — www.infosecurity-magazine.com — 03.11.2025 12:15
The Conti ransomware operation has been linked to over 1,000 victims worldwide, with ransom payments exceeding $150 million as of January 2022.
First reported: 31.10.2025 11:40

2 sources, 2 articles
Show sources
- Ukrainian extradited from Ireland on Conti ransomware charges — www.bleepingcomputer.com — 31.10.2025 11:40
- Conti Suspect in Court After Extradition From Ireland — www.infosecurity-magazine.com — 03.11.2025 12:15
Lytvynenko faces charges that could lead to 25 years in prison, including 20 years for wire fraud conspiracy and 5 years for computer fraud conspiracy.
First reported: 31.10.2025 11:40

2 sources, 2 articles
Show sources
- Ukrainian extradited from Ireland on Conti ransomware charges — www.bleepingcomputer.com — 31.10.2025 11:40
- Conti Suspect in Court After Extradition From Ireland — www.infosecurity-magazine.com — 03.11.2025 12:15
The Conti group evolved from a ransomware operation into a larger cybercrime syndicate, controlling multiple malware operations.
First reported: 31.10.2025 11:40

1 source, 1 article
Show sources
- Ukrainian extradited from Ireland on Conti ransomware charges — www.bleepingcomputer.com — 31.10.2025 11:40
After shutting down, Conti members have infiltrated other cybercrime groups, including BlackCat, Black Basta, and Hive.
First reported: 31.10.2025 11:40

1 source, 1 article
Show sources
- Ukrainian extradited from Ireland on Conti ransomware charges — www.bleepingcomputer.com — 31.10.2025 11:40
The FBI estimates Conti's malware was used in more critical infrastructure attacks than any other ransomware variant.
First reported: 31.10.2025 11:40

1 source, 1 article
Show sources
- Ukrainian extradited from Ireland on Conti ransomware charges — www.bleepingcomputer.com — 31.10.2025 11:40
Lytvynenko was arrested in July 2023 by Irish authorities and detained until his extradition.
First reported: 31.10.2025 11:40

2 sources, 2 articles
Show sources
- Ukrainian extradited from Ireland on Conti ransomware charges — www.bleepingcomputer.com — 31.10.2025 11:40
- Conti Suspect in Court After Extradition From Ireland — www.infosecurity-magazine.com — 03.11.2025 12:15
Lytvynenko appeared in a Tennessee court due to a 2023 indictment alleging his involvement in the Conti operation between 2020 and July 2022.
First reported: 03.11.2025 12:15

1 source, 1 article
Show sources
- Conti Suspect in Court After Extradition From Ireland — www.infosecurity-magazine.com — 03.11.2025 12:15
Lytvynenko helped the Conti group extort over $500,000 in cryptocurrency from two victims in the Middle District of Tennessee and published information stolen from a third victim.
First reported: 03.11.2025 12:15

1 source, 1 article
Show sources
- Conti Suspect in Court After Extradition From Ireland — www.infosecurity-magazine.com — 03.11.2025 12:15
Conti ransomware targeted over 1,000 corporate victims worldwide, impacting dozens of countries and nearly all US states.
First reported: 03.11.2025 12:15

1 source, 1 article
Show sources
- Conti Suspect in Court After Extradition From Ireland — www.infosecurity-magazine.com — 03.11.2025 12:15
Conti ransomware attacks caused losses of at least $150 million, making it a significant national security threat.
First reported: 03.11.2025 12:15

1 source, 1 article
Show sources
- Conti Suspect in Court After Extradition From Ireland — www.infosecurity-magazine.com — 03.11.2025 12:15
Lytvynenko was arrested in Ireland in July 2023 and extradited to the US.
First reported: 03.11.2025 12:15

1 source, 1 article
Show sources
- Conti Suspect in Court After Extradition From Ireland — www.infosecurity-magazine.com — 03.11.2025 12:15
The FBI's Brett Leatherman highlighted the strength of US-Irish law enforcement partnership in countering cybercriminals threatening American infrastructure.
First reported: 03.11.2025 12:15

1 source, 1 article
Show sources
- Conti Suspect in Court After Extradition From Ireland — www.infosecurity-magazine.com — 03.11.2025 12:15
Conti ransomware was used to attack more critical national infrastructure than any other ransomware type.
First reported: 03.11.2025 12:15

1 source, 1 article
Show sources
- Conti Suspect in Court After Extradition From Ireland — www.infosecurity-magazine.com — 03.11.2025 12:15
In February 2022, Conti gained unusual publicity after a Ukrainian security researcher doxxed the organization following Conti's support for Russia's invasion of Ukraine.
First reported: 03.11.2025 12:15

1 source, 1 article
Show sources
- Conti Suspect in Court After Extradition From Ireland — www.infosecurity-magazine.com — 03.11.2025 12:15

Similar Happenings

Volodymyr Tymoshchuk Charged for LockerGoga, MegaCortex, Nefilim Ransomware Operations

Ukrainian national Volodymyr Viktorovich Tymoshchuk has been charged for his role as the administrator of the LockerGoga, MegaCortex, and Nefilim ransomware operations. Tymoshchuk is accused of orchestrating attacks on hundreds of companies, leading to millions of dollars in damages. He is also linked to JSWORM, Karma, Nokoyawa, and Nemty ransomware gangs. Tymoshchuk faces multiple charges related to computer fraud, unauthorized access, and threatening to disclose confidential information. The U.S. Department of State is offering a reward of up to $11 million for information leading to his arrest. Tymoshchuk, known by various online aliases, has been a key figure in multiple ransomware operations. His activities have targeted a wide range of industries, including healthcare and industrial firms, causing significant disruptions and financial losses. The charges highlight the extensive reach and impact of his cybercriminal activities.

Open in new tab

DaVita ransomware attack exposes data of nearly 2.7 million individuals

DaVita, a kidney dialysis firm, confirmed that a ransomware attack compromised the personal and health information of nearly 2.7 million people. The breach occurred between March 24 and April 12, 2025, affecting data from DaVita's dialysis labs database. The Interlock ransomware gang claimed responsibility and leaked approximately 1.5 terabytes of data. The stolen data included names, addresses, dates of birth, social security numbers, health insurance details, treatment information, and dialysis lab test results. In some cases, tax identification numbers and images of personal checks were also compromised. The impact includes potential identity theft and financial fraud for affected individuals.