FBI sanctions listing
VOLODYMYR VIKTOROVYCH TYMOSHCHUK
VOLODYMYR VIKTOROVYCH TYMOSHCHUK is an individual designated on the U.S. Federal Bureau of Investigation — Wanted (FBI) sanctions list under the Cyber's Most Wanted programme, listed on 2025-06-09. Cyber's Most Wanted. This page summarises the public designation — known aliases, Ukrainian nationality, identifying particulars, the stated reason for listing and linked parties — alongside an independent, transparent risk indicator.
Reason for listing
Conspiracy to Commit Fraud and Related Activity in Connection with Computers; Intentional Damage to a Protected Computer; Unauthorized Access to a Protected Computer; Transmitting a Threat to Disclose Confidential Information Volodymyr Viktorovych Tymoshchuk is an alleged ransomware administrator of at least three different ransomware variants. From December of 2018, through October of 2021, Tymoshchuk and his co-conspirators allegedly deployed LockerGoga, MegaCortex, and Nefilim ransomware, which compromised the computer networks of hundreds of companies around the world, including more than 250 companies in the United States, in order to extort ransom payments from the victim companies. On May 7, 2024, a federal arrest warrant was issued for Tymoshchuk in the United States District Court, Eastern District of New York, Brooklyn, New York, after he was charged with two counts of Conspiracy to Commit Fraud and Related Activity in Connection with Computers; multiple counts of Intentional Damage to a Protected Computer; Unauthorized Access to a Protected Computer; and Transmitting a Threat to Disclose Confidential Information. The United States Department of State’s Transnational Organized Crime Rewards Program is offering a reward of up to $10,000,000 for information leading to the arrest and/or conviction of Volodymyr Viktorovych Tymoshchuk, and up to $1,000,000 for information leading to the arrest and/or conviction of other key leaders of the Nefilim, LockerGoga, and MegaCortex Ransomware variants.
Statement of reasons as published by US FBI. This is the issuing authority's wording, reproduced for reference.
Designation record
| List / authority | US FBI (FBI) — FBI — Cyber's Most Wanted |
|---|---|
| Entity type | Person |
| Programmes / regime | Cyber's Most Wanted |
| Date listed | 2025-06-09 |
| Source record ID | fbi:5b26428e4fd04bfdb95c3fcf1f1ab322 |
| Last updated (our copy) | 2026-06-04 |
Identity & particulars
| Position / role | Cyber's Most Wanted |
|---|---|
| Date of birth | October 2, 1996 |
| Place of birth | Ukraine |
| Nationality / country | Ukrainian |
| Gender | Male |
Known aliases (6)
Deep-research dossier
Not yet deep-researched
The instant review above is drawn from the public lists. A deep-research dossier goes much further — an analyst-grade OSINT report: associate & co-investment network screening, structural / ownership opacity, a dated risk trajectory, an 8-factor scoring model, and numbered, source-linked evidence. See the format in the design system.
Clarifications & right of reply
Are you VOLODYMYR VIKTOROVYCH TYMOSHCHUK, or an authorised representative?
You — or your counsel or agent — can file a clarification and supporting documents against this record. Filings are reviewed and verified before anything is published; submissions are never posted automatically.
File a clarification or document
Source & provenance
| Issuing authority | U.S. Federal Bureau of Investigation — Wanted |
|---|---|
| Source identifier | fbi:5b26428e4fd04bfdb95c3fcf1f1ab322 |
| Aggregated by | Sanctiometer (independent) — verify against the issuing authority's official list before acting. |