ransomware🌐InternationalThe Record
Nefilim ransomware hacker pleads guilty to computer fraud
Monday, December 22, 2025
What
Artem Stryzhak, a 35-year-old Ukrainian national, was arrested and extradited to the U.S. for his involvement in Nefilim ransomware attacks that extorted millions from companies with over $100 million in revenue. Stryzhak was granted access to the ransomware code in exchange for a percentage of the ransom payments and utilized various tactics to pressure victims into compliance, including data theft and threats of public exposure.
Where
Eastern District of New York, with victims in the U.S., Canada, and Australia.
When
Stryzhak was arrested in Barcelona in 2024, extradited in April 2025, and pleaded guilty in December 2025, with sentencing scheduled for May 2026.
Key Factors
- •Stryzhak used Nefilim ransomware, which encrypts networks and demands ransom payments.
- •He was required to pay 20% of the ransom proceeds to the ransomware developers.
- •The group targeted companies with significant revenue, causing millions in losses.
Takeaways
- →Organizations should enhance their cybersecurity measures to protect against ransomware attacks.
- →The case highlights the ongoing threat of ransomware and the importance of international cooperation in cybersecurity enforcement.
- →Companies must have incident response plans in place to mitigate the impact of potential ransomware attacks.
