A Ukrainian man extradited from Ireland has pleaded guilty in the United States for his role in the Conti ransomware operation, one of the most damaging cybercrime groups active during the pandemic years.

Oleksii Oleksiyovych Lytvynenko, 44, admitted to conspiracy to commit wire fraud after prosecutors said he worked with others involved in deploying Conti ransomware against victims in the US and overseas. His guilty plea follows his extradition from Ireland, as reported by Hackread.com in October 2025.

According to the US Department of Justice, Conti was used between 2020 and 2022 to attack more than 1,000 computers and networks. The FBI estimates that by January 2022, victims had paid at least $150 million in ransom demands linked to the malware.

Prosecutors said the group used a familiar ransomware model, including compromising victim networks, encrypting files, stealing data, and making ransom demands. Those demands often included threats to publish stolen data if victims refused to pay.

In its press release, the Justice Department said Conti ransomware attacks had targeted victims in 47 US states, the District of Columbia, Puerto Rico, and 31 foreign countries. These targets included businesses and organizations of different sizes, with prosecutors saying the group caused millions of dollars in damage.

Lytvynenko admitted that he joined the Conti conspiracy in September 2021. As part of his plea, he acknowledged having data stolen from eight US victims and four victims outside the United States.

Court filings also describe his work with a Conti member who directed him to code a “loader.” In malware operations, a loader is commonly used to install or run other malicious tools needed for further attacks.

Lytvynenko is scheduled to be sentenced on September 10, 2026. He faces a maximum penalty of 20 years in prison, although the final sentence will be decided by a federal judge after reviewing sentencing guidelines and other legal factors.

The action is part of Operation Riptide, an FBI campaign targeting cybercrime actors, infrastructure, and financial networks behind online fraud and ransomware. According to the FBI, Americans reported more than $20 billion in cybercrime losses last year, a 26 percent increase from the prior year.

The case adds another guilty plea to the US government’s effort to identify and prosecute people linked to ransomware gangs. In December 2025, two Americans, Ryan Goldberg, 40, of Georgia, and Kevin Martin, 36, of Texas, pleaded guilty in a Florida federal court to carrying out a series of extortion attacks for the ALPHV, also known as BlackCat, ransomware gang during 2023.

That same month, another Ukrainian national, Artem Aleksandrovych Stryzhak, 35, pleaded guilty to deploying Nefilim ransomware as part of a global extortion scheme that targeted companies in multiple countries. Stryzhak had been extradited from Barcelona, Spain, to the United States.