Tymoschuk Vladimir Viktorovich

Tymoschuk Vladimir Viktorovich

Biography

2025: U.S. authorities' $11 million reward for helping to capture accused of stealing $18 billion from companies around the world

On September 9, 2025, the US Department of Justice announced that the US administration had appointed a reward of up to $11 million for information that would lead to the arrest of Ukrainian hacker Vladimir Tymoshchuk and his accomplices. They are accused of organizing attacks using ransomware viruses, the total damage from which is estimated at $18 billion.

The US Department of Justice said in a statement that Tymoshchuk, also known as deadforz, Boba, msfv and farnetwork, acted as an administrator in the LockerGoga, MegaCortex and Nefilim extortion schemes. The victims were more than 250 companies across the United States and hundreds of other organizations around the world.

The indictment, in particular, says that between December 2018 and October 2021, Tymoshchuk used malware for enciphering data in computer systems in various regions of the United States, as well as in,,, and France Germany. Netherlands Norway These Switzerland ransomware attacks have resulted in multimillion-dollar losses, including direct damage to victims' IT infrastructure, recovery costs and ransom payments. In some cases, such incursions turned into a complete cessation of business operations in the affected companies. If the victim agreed to pay the money, the attackers sent her a decryption tool that allowed them to recover the encoded information.

Tymoshchuk is charged with seven counts, including conspiracy to commit fraud and willful damage to computer systems. The FBI is investigating the case. It is also noted that the decoder for the LockerGoga ransomware virus was released in September 2022 as part of the No More Ransomware project, and for MegaCortex in January 2023.^[1]

Notes