Apply now for free support from our Cybersecurity Services Centre

Apply for free cybersecurity support

Attend the Ransomware Defence Summer Bootcamp in Amsterdam, June 2026

Attend our free summer bootcamp on ransomware defence

Enroll in the Foundations of Cybersecurity and AI online live course

Learn online about the foundations of cybersecurity and AI

Charges against Ukrainian admin of LockerGoga/MegaCortex/Nefilim ransomware

Event Details

Tymoshchuk (aka “deadforz/Boba”) allegedly acted as an administrator for the LockerGoga, MegaCortex, and Nefilim ransomware schemes that extorted 250+ U.S. companies and hundreds more worldwide. He and co-conspirators operated from 2018–2021, deploying new ransomware strains when older ones were decrypted. An international investigation (with Europol and authorities in multiple European countries) identified him. Decryption keys for LockerGoga/MegaCortex had been released to victims in 2022. Tymoshchuk is still on the run.

Date

09/09/2025

Ransomware Groups

and Nefilim, MegaCortex, Multiple - LockerGoga

Event Category

Indictment

Level of Cooperation

International

Country

🇺🇸 United States

Sources

EU, U.S. Step Up Hunt for Fugitive Hacker Tied to Multibillion-Dollar Ransomware Strikes

“LockerGoga,” “MegaCortex,” and “Nefilim” Ransomware Administrator Charged with Ransomware Attacks

US charges admin of LockerGoga, MegaCortex, Nefilim ransomware

Charges against Ukrainian admin of LockerGoga/MegaCortex/Nefilim ransomware

Event Details

Date

Ransomware Groups

Event Category

Level of Cooperation

Country

Sources

How the curriculum builder works

Thank you for signing up to our newsletter!

Thank you! RSVP received for Charges against Ukrainian admin of LockerGoga/MegaCortex/Nefilim ransomware

Charges against Ukrainian admin of LockerGoga/MegaCortex/Nefilim ransomware

Loading...