Overview
- On Friday, June 12, 2026, Oleksii Oleksiyovych Lytvynenko pleaded guilty in federal court to conspiracy to commit wire fraud for his role in Conti ransomware attacks.
- Court filings say Lytvynenko admitted he joined Conti by about September 2021, held stolen data from 12 victims, and worked on coding a malware “loader” used to deliver other attack tools.
- Lytvynenko was arrested in Ireland in July 2023, extradited to the United States in October 2025, remains in federal custody in Tennessee, and faces up to 20 years in prison at sentencing on September 10, 2026.
- The Justice Department and FBI framed the case as part of Operation Riptide and noted Conti infected more than 1,000 systems across 47 U.S. states and about 31 countries and extorted at least $150 million by January 2022.
- Prosecutors say the case signals a broader enforcement strategy: using conspiracy and fraud charges to reach developers, enablers, and financial facilitators of ransomware, which raises pressure on companies to preserve logs and cooperation with investigators.