Conti campaign expands across multiple victims
Campaign
Summary
Hide ▲
Show ▼
The Conti ransomware operation ran as a large-scale 2021-2022 extortion campaign that stole data and encrypted devices to pressure victims into paying Bitcoin. It struck victim networks in the United States and abroad and targeted hospitals, businesses, schools, and government agencies. Court documents say the operation hit more than 1,000 victims worldwide and collected over $150 million in ransom payments.
Related Happenings
DOJ guilty plea for Oleksii Oleksiyovych Lytvynenko in Conti ransomware case
Law Enforcement
H score36
First: 12.06.2026 20:54
Last: 12.06.2026 20:54
Sources 1
How related:
The U.S. Department of Justice announced Thursday that 44-year-old Oleksii Oleksiyovych Lytvynenko pleaded guilty to conspiracy to commit wire fraud for his role in Conti ransomware attacks conducted between 2021 and 2022.
About this happening:
**Oleksii Oleksiyovych Lytvynenko** pleaded guilty to **conspiracy to commit wire fraud** in a **Conti ransomware** case, resolving a major U.S. prosecution tied to attacks on vic...
DOJ guilty plea for Oleksii Oleksiyovych Lytvynenko in Conti ransomware case
Law EnforcementHow related: The U.S. Department of Justice announced Thursday that 44-year-old Oleksii Oleksiyovych Lytvynenko pleaded guilty to conspiracy to commit wire fraud for his role in Conti ransomware attacks conducted between 2021 and 2022.
About this happening: **Oleksii Oleksiyovych Lytvynenko** pleaded guilty to **conspiracy to commit wire fraud** in a **Conti ransomware** case, resolving a major U.S. prosecution tied to attacks on vic...
Tampa medical device company hit by ransomware attack linked to BlackCat (ALPHV)
Incident
H score21
First: 01.05.2026 10:47
Last: 01.05.2026 10:47
Sources 1
About this happening:
A **Tampa medical device company** suffered a **ransomware intrusion** in **May 2023** that encrypted its servers and triggered a **$10 million** ransom demand. The company later...
Tampa medical device company hit by ransomware attack linked to BlackCat (ALPHV)
IncidentAbout this happening: A **Tampa medical device company** suffered a **ransomware intrusion** in **May 2023** that encrypted its servers and triggered a **$10 million** ransom demand. The company later...
Silk Typhoon / Hafnium coordinated intelligence-gathering campaign
Campaign
H score41
First: 27.04.2026 22:56
Last: 27.04.2026 22:56
Sources 1
About this happening:
The **Silk Typhoon / Hafnium** operation is tied to a **coordinated intelligence-gathering campaign** spanning **February 2020 to June 2021**, underscoring a sustained espionage e...
Silk Typhoon / Hafnium coordinated intelligence-gathering campaign
CampaignAbout this happening: The **Silk Typhoon / Hafnium** operation is tied to a **coordinated intelligence-gathering campaign** spanning **February 2020 to June 2021**, underscoring a sustained espionage e...
Latest development: 28.04.2026 15:30
US officials described Silk Typhoon/Hafnium activity from February 2020 to June 2021 as a coordinated intelligence-gathering campaign that targeted US universities and COVID-19 researchers, including a Texas university network, and later expanded into Microsoft Exchange Server vulnerability exploitation. The operation reportedly used stolen mailbox access to search for vaccines, treatments, and testing research, and the FBI said the campaign affected more than 12,700 US organizations.
BlackCat campaign expands across multiple victims
Campaign
H score38
First: 22.04.2026 14:00
Last: 22.04.2026 14:00
Sources 1
About this happening:
The **BlackCat** ransomware operation ran a **multi-victim extortion campaign** against **US organizations** between **April and November 2023**, creating sustained ransom pressur...
BlackCat campaign expands across multiple victims
CampaignAbout this happening: The **BlackCat** ransomware operation ran a **multi-victim extortion campaign** against **US organizations** between **April and November 2023**, creating sustained ransom pressur...
Latest development: 01.05.2026 14:30
Ryan Goldberg and Kevin Martin were each sentenced to four years in prison for helping the BlackCat/ALPHV ransomware gang conduct attacks against multiple U.S. organizations during 2023. Prosecutors said the pair worked alongside Angelo Martino, paid BlackCat administrators a 20% share of ransom payments, and in one case received a Bitcoin ransom worth $1.2m while also leaking patient data from a healthcare victim.
Aleksei Volkov Indiana sentencing in ransomware case
Law Enforcement
H score39
First: 24.03.2026 12:32
Last: 24.03.2026 12:32
Sources 1
About this happening:
**Aleksei Volkov** was **sentenced** in **Indiana** to **81 months** for his role as an **initial access broker** in a **ransomware** case, closing a major US cybercrime prosecuti...
Aleksei Volkov Indiana sentencing in ransomware case
Law EnforcementAbout this happening: **Aleksei Volkov** was **sentenced** in **Indiana** to **81 months** for his role as an **initial access broker** in a **ransomware** case, closing a major US cybercrime prosecuti...
Timeline
-
12.06.2026 20:54 2 articles · 1h ago
DOJ details Conti ransomware campaign across U.S. and overseas victim networks
Initial DisclosureThe U.S. Department of Justice said Oleksii Oleksiyovych Lytvynenko pleaded guilty to conspiracy to commit wire fraud in a Conti ransomware case tied to attacks between 2021 and 2022. Prosecutors said Conti operators deployed ransomware on victim networks in the United States and abroad, stole data, encrypted devices, and extorted Bitcoin ransom payments, while court documents put the operation at more than 1,000 victims worldwide and over $150 million in ransom payments.
Show sources
- Ukrainian national pleads guilty to role in Conti ransomware operation — www.bleepingcomputer.com — 12.06.2026 20:54
- Ukrainian national pleads guilty to role in Conti ransomware operation — www.bleepingcomputer.com — 12.06.2026 20:54