A member of the notorious Ryuk Ransomware Operation, who was specific in achieving early access to the corporate network, has been extradited in the United States.
The suspect is a 33 -year -old foreign man who was arrested in his house in Kiev at the request of the FBI in April 2025. He was extradited in the United States on 18 June yesterday.
In 2023, Ukrainian Cyber Police, National Police, and International Law Enforcement partners began an investigation into a ransomware operation, with members of attacks on companies in France, Norway, Germany, Netherlands, Canada and USA.
He led to this operation Identification, seizure and arrest of equipment Several cyber criminals living in Ukraine for their participation in Lockragoga, Megacoortex, Hive and Religion Rainmary families.
In an announcement, Ukraine’s national police say the investigation allowed them to identify a ryuk ransomware member, which was particularly special in achieving access to the corporate network and then to other members to steal data and deploy ransomware.
“Through the analysis of the information obtained as a result of investigative works, it is possible that it was possible to identify the 33 -year -old member of the group, who were engaged in searching the weaknesses in the corporate networks of the aggrieved companies,” Announcement,
“The data obtained by the hackers was used by his colleagues to plan and do cyber attack.”
While the 33 -year -old man’s name is currently unknown, Ukraine says the suspect was previously placed in an international desired list by the FBI and several crimes by the United States.
Ryuk was active between the ransomware gang 2018 and between 2020, when it was responsible for several attacks on organizations in almost all areas including Healthcare during the Kovid epidemic.
In 2020, the ransomware gang resumed as the Conty Rainmware Operation, which became one of the most active gangs at that time.
In 2022, the Cotty Rainmine gang shut down, divided into several groups, some are still active.
Researchers first monitored the ransom payment to the cybercrime operation and speculated that Rayuk earned $ 150 million while active.
Bleepingcomputer contacted the Department of Justice with questions about extradition and will update the story if we get a response.
Patching meant complex scripts, long and endless fire drills. No more.
In this new guide, the tines break down how it is leveling with modern organ automation. Patch fast, reduce overhead, and focus on strategic tasks – no complex script is required.
