TZUTC: -0500
MSGID: 1483.consprcy@1:2320/105 2d26b617
PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0
TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0
BBSID: CAPCITY2
CHRS: ASCII 1
FORMAT: flowed
$10 million bounty issued by US DOJ for ransomware kingpin responsible for 
$18 billion of damage

Date:
Wed, 10 Sep 2025 10:43:00 +0000

Description:
The police are looking for a Ukrainian national allegedly responsible for
millions in ransomware damages.

FULL STORY

The US Department of Justice (DoJ) just placed a bounty on a cybercriminal
suspected of a series of cyberattacks around the world. 

The reward is $10 million and will be paid out to anyone who provides enough
information to result in his arrest. 

The suspects name is Volodymyr Tymoshchuk, a 28-year-old Ukrainian. He is
believed to be the mastermind behind the deployment of LockerGoga ransomware 
, which infected hundreds of companies. According to the EU Most Wanted
website, his group caused more than $18 billion in damage worldwide.

Previous arrests

Europol said in its press release that Tymoshchuk and his group were also
responsible for the 2019 ransomware attack against a major Norwegian 
aluminium company. In underground criminal circles, he is known as Deadforz,
Boba, Farnetwork, Msfv, and Volotmsk. 

The European law enforcement agency also said that the identification of the
suspect came after a complex international investigation, which included
operations in France, Germany, Norway, Switzerland, Ukraine, the United
Kingdom, and the United States. Both Europol and Eurojust (European Union
Agency for Criminal Justice Cooperation) participated, as well. 

While the hunt for Tymoshchuk is on, a few alleged members of his crew have
already been arrested in Ukraine. This, Europol further stresses, helped the
police map out the structure of the group and identify key individuals,
including malware developers, intrusion specialists, and money launderers. 

In mid-March 2019 Norsk Hydro, one of the worlds largest aluminium producers
based in Norway, fell victim to a highly disruptive LockerGoga attack that
encrypted thousands of endpoints, including corporate and industrial systems.
Numerous facilities were impacted, including those in Norway, the US, Brazil,
Qatar, and others. Reports at the time said up to 22,000 computers across 170
sites were impacted. 

The financial fallout was significant. Losses in the first quarter were
estimated at 300350 million NOK (between $35 and 41 million), with additional
operational costs mounting up in the weeks and months that followed. 

By mid-2019, Norsk Hydro itself estimated the total cost of the attack across
all business areas to be around 800 million NOK ($80 million).

======================================================================
Link to news story:
https://www.techradar.com/pro/security/usd10-million-bounty-issued-by-us-doj-f
or-ransomware-kingpin

$$
--- SBBSecho 3.28-Linux
 * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)
SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700
SEEN-BY: 226/30 227/114 229/110 111 206 300 307 317 400 426 428 470
SEEN-BY: 229/664 700 705 266/512 291/111 320/219 322/757 342/200 396/45
SEEN-BY: 460/58 712/848 902/26 2320/0 105 304 3634/12 5075/35
PATH: 2320/105 229/426