Ukrainian man pleads guilty in US to Conti ransomware charges

A 44-year-old Ukrainian national has admitted in US federal court to his role in the Conti ransomware operation, one of the most destructive cybercrime enterprises ever to weaponize Bitcoin as its payment rail. Oleksii Oleksiyovych Lytvynenko entered a guilty plea on June 12 to conspiracy to commit wire fraud, a charge that carries a maximum sentence of 20 years in federal prison.

Lytvynenko’s involvement with Conti began in September 2021, when he contributed to the development of a malware loader and managed stolen data from 12 victims. Eight of those victims were based in the United States. His sentencing is scheduled for September 10, 2026.

From Ireland to a US courtroom

Lytvynenko was arrested in Ireland in July 2023, roughly a year after Conti officially dissolved. Then came a prolonged extradition process that didn’t deliver him to US soil until October 2025, more than two years after Irish authorities picked him up.

Conti ran a ransomware-as-a-service model, essentially franchising its attack tools to affiliates who would do the dirty work of infiltrating networks. The playbook was double extortion: encrypt the victim’s data so they can’t access it, then threaten to publish it online unless they pay up.