01.05.2025
2 min
737
A Ukrainian citizen, Artem Stryzhak, was extradited to the US on charges of conspiracy to use ransomware to attack large companies for the purpose of blackmail and ransom. He faces up to 5 years in prison.
The Federal Prosecutor’s Office for the Eastern District of New York has announced charges against 35-year-old Artem Stryzhak, who was arrested in Spain in June 2024 and extradited to the US on April 30, 2025. According to the investigation, he acted as an operator of the Nefilim ransomware, which targets large companies with annual revenues of over $100-200 million in the US, Canada and Australia. The attackers gained access to corporate networks, encrypted data, and then demanded ransom, threatening to publish the stolen information. Strizhak worked through a special Nefilim control panel and shared the profits with the group’s administrators.
Nefilim is one of the most famous cyber-blackmail tools that appeared on the FBI’s radar back in the 2020s. Its feature is a personalized approach to each victim: a unique decryption key and special notes with demands were created for each attack. In 2021, the program administrators gave Strizhak access to its code in exchange for a share of the profits. Strizhak himself asked if he should use a new pseudonym “so as not to get burned in front of the feds.”
This case demonstrates the effectiveness of international cooperation in the fight against cybercrime. The involvement of the FBI, the US Department of Justice, Spanish authorities and international partners has brought to justice a participant in a complex cross-border criminal scheme. The lesson is clear: even if the attacks are carried out thousands of kilometers away, the jurisdiction of the law is global.
