惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

AI
AI
G
Google Developers Blog
T
Tailwind CSS Blog
大猫的无限游戏
大猫的无限游戏
量子位
月光博客
月光博客
美团技术团队
阮一峰的网络日志
阮一峰的网络日志
罗磊的独立博客
T
The Exploit Database - CXSecurity.com
C
CXSECURITY Database RSS Feed - CXSecurity.com
Latest news
Latest news
P
Privacy International News Feed
www.infosecurity-magazine.com
www.infosecurity-magazine.com
WordPress大学
WordPress大学
博客园 - 三生石上(FineUI控件)
TaoSecurity Blog
TaoSecurity Blog
Hacker News: Ask HN
Hacker News: Ask HN
Hugging Face - Blog
Hugging Face - Blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
C
Cisco Blogs
Project Zero
Project Zero
Security Latest
Security Latest
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
人人都是产品经理
人人都是产品经理
Scott Helme
Scott Helme
S
Securelist
有赞技术团队
有赞技术团队
T
Threat Research - Cisco Blogs
N
News | PayPal Newsroom
博客园 - 聂微东
小众软件
小众软件
S
SegmentFault 最新的问题
D
Darknet – Hacking Tools, Hacker News & Cyber Security
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
P
Privacy & Cybersecurity Law Blog
博客园 - Franky
Cyberwarzone
Cyberwarzone
Cisco Talos Blog
Cisco Talos Blog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Spread Privacy
Spread Privacy
A
Arctic Wolf
S
Security @ Cisco Blogs
The Hacker News
The Hacker News
腾讯CDC
博客园 - 【当耐特】
T
Troy Hunt's Blog
NISL@THU
NISL@THU
爱范儿
爱范儿

Consumer Insights

The ransomware negotiator who was working for the other side INTERPOL crackdown shows scammers shifting to social media Meta lets strangers remix your public Instagram photos with AI—here’s how to opt out Invited to a "job interview" with Netflix or OpenAI? Beware! Your Google password could be at risk Two arrested over credit card phishing - as the Netherlands is named Europe's worst for payment fraud India pauses WhatsApp username feature over security concerns Alleged teen ransomware hustler faces US charges after arrest in Finland WhatsApp usernames explained: how to reserve yours and stay safe Scammers race to cash in on Venezuelan earthquake disaster USB drives carrying China-linked malware infected Japanese military networks for nearly a year WhatsApp tests new safety prompt before you chat with strangers Social media is worth celebrating. It's also worth protecting. Polish police dismantle SIM-swap gang accused of crypto theft Operation Endgame deals fresh blow to StealC and Amadey malware networks Hacker hijacks Brazil's national alert system, sending "misanthropy" to millions of phones Cybercrime now rivals traditional crime across parts of Asia Apple's Hide My Email tweak leaves privacy fans fuming Americans lost $3.5 billion to imposter scams last year — and the scams are getting harder to spot Scammers have killed the physical Steam Gift cards Crypto investment scam sends couriers to collect victims' cash, FBI warns Maine forced to take down data breach portal after fake notices filed with authorities Privacy own-goal: World Cup blunder leaks Lionel Messi's passport details Why schools remain one of cybercriminals' favourite targets WhatsApp detects new spyware activity from Israel’s NSO Group despite court order Got a LinkedIn message from a recruiter? It might be Chinese intelligence, warn FBI and MI5 Europol cracks down on illegal streaming globally Hackers didn't hack Instagram; they just asked Meta AI FBI Warns Fans About FIFA Scams Ahead of 2026 World Cup Virtual knife, real lawsuit: Counter-Strike skin dispute ends in court As Deepfakes Spread, YouTube Makes AI Labels Harder to Miss Carnival breach exposes data of nearly 6 million people Police arrest man following hack of Ajax football club MyPillow listed on ransomware gang's leak site, but denies it has been breached FBI warns criminals impersonating IT support to breach law firms FBI warns of Kali365 phishing kit that breaks into Microsoft 365 accounts — no password required Telecom Executives Plead Guilty to Tech Support Fraud 7-Eleven data breach exposes data of 185,000 people ASIC Warns Australians About Crypto Trading Scams Google Search AI Mode brings a major overhaul Deleted Google API keys may remain active for 23 minutes Ukrainian police identify perp in $721k infostealer scheme Steam removes horror game after malware steals player data FBI: Crypto ATM Scams Keep Growing as Americans Lose Millions FBI warns students and staff that ShinyHunters may come knocking after Canvas breach Scam Centers Under Pressure as INTERPOL Makes More Arrests FBI Warns Older Adults Lost Billions to Scammers Burst Statistics WordPress flaw under attack Android 17 Will Let Users Verify Whether Their OS Is Legit Suspected Dream Market kingpin arrested after gold bars sent to his home address BitLocker zero-day exposes Windows drives as PoC goes public Apple Fixes ‘Persistent Notifications’ Flaw on Older iPhones Football Ticket Scams Are Rising Fast, Lloyds Bank Warns When ransomware gets physical: cybercriminals turn to threats of violence iPhone-to-Android Texts Are Now Encrypted (RCS Messaging) UK Water Supplier Fined Nearly £1 Million After Hackers Roamed Networks for Almost 2 Years Instagram Drops Encrypted DMs — What This Means for You New fear: Man films woman with smart glasses, seeks money to take video down ClickFix Campaign Uses Compromised WordPress Sites to Spread Vidar Stealer in Australia Inside Department 4: Russia's secret school for hackers Ubuntu’s new AI dreams attracted a very old-fashioned crypto scam on X Chrome 4GB AI model: What weights.bin does Sri Lanka makes 37 arrests as it raids another scam centre DAEMON Tools Lite breach prompts urgent update after malware-laced installer Brits Lost £102 Million to Romance Scams Last Year The Online Safety Act Is Changing the Internet for Kids World Password Day 2026 How Hackers Stole and Sold Roblox Accounts for $250,000 Before Getting Caught Four Years in Prison for Cybersecurity Pros Turned Ransomware Attackers Teenager alleged to be Scattered Spider hacker arrested in Finland, faces US extradition 276 Arrested in Crypto Scam Crackdown Popular WordPress redirect plugin found with years-old backdoor Iran-linked Handala hackers leak US Marines data, send chilling WhatsApp threats Alleged Silk Typhoon hacker extradited to the United States to face charges FTC: Social Media Scams Cost Americans $2.1 Billion in 2025 French police arrest 21-year-old "HexDex" hacker over 100 alleged data breaches iOS Flaw Exposed ‘Deleted’ Signal Messages Sony Starts Enforcing PlayStation Age Verification; UK and Ireland Are First Ransomware ‘Negotiator’ Faces 20 Years in Prison for Allegedly Betraying His Employers You’ve Got Mail and It’s Tracking Your Warship Crypto Investment Scam Costs Woman in Hong Kong Nearly $1 Million Operation PowerOFF warns 75,000 DDoS users Singer loses life savings to fake wallet downloaded from the Apple App Store AgingFly malware targets Ukraine government, hospitals 108 malicious Chrome extensions caught stealing Google and Telegram data from 20,000 users Rockstar Games confirms breach after ShinyHunters leaks stolen analytics data FBI: Cybercrime Losses Hit $21 Billion in 2025, Fueled by AI Life imprisonment for Cambodian scam compound operators - but will it make a difference? Fake Claude Code leak on GitHub spreads Vidar malware Apple Expands ‘DarkSword’ Patch to More iPhones and iPads Nigerian romance scammer jailed after being caught out by fellow fraudster Fake WhatsApp Clone Used in Spyware Campaign, Meta Warns Fake CERT-UA emails spread AGEWHEEZE in ukraine Alleged RedLine malware developer extradited to United States The Scam That Tricks You Into Infecting Your Own Mac Iranian hackers breach FBI director's personal email, and post his CV and photos online Don't Ignore This Security Alert Apple Sent to iPhone Lock Screens Meta and YouTube Designed Addictive Platforms, Jury Finds TikTok Business phishing campaign targets advertisers Lapsus$ claims AstraZeneca breach exposes code and credentials How one man used 10,000 bots to steal $8,000,000 from music artists
After years on the run, alleged Ryuk ransomware operator pleads guilty
Filip TRUȚĂ · 2026-07-13 · via Consumer Insights

A suspected member of the notorious Ryuk ransomware operation has pleaded guilty in a US federal court after being extradited from Ukraine.

Karen Serobovich Vardanyan, a 34-year-old Armenian national, admitted to participating in a conspiracy that targeted companies across the United States between late 2019 and early 2020.

The attacks allegedly led to more than $15 million in ransom payments from victims.

Key takeaways:

  • An alleged Ryuk ransomware operator has pleaded guilty after being extradited from Ukraine
  • Prosecutors say the conspiracy targeted hospitals, municipalities, manufacturers, schools, and large enterprises
  • Victims are said to have paid more than $15 million in ransom
  • The defendant faces up to 15 years in prison and has agreed to pay nearly $1.2 million in restitution
  • Bitdefender recommends deploying a dedicated security solution to stem the chances of a successful ransomware attack

A key role in Ryuk attacks

According to the US Department of Justice, Vardanyan pleaded guilty to conspiracy and computer fraud for helping compromise corporate networks that were later encrypted with Ryuk ransomware.

Investigators say he and his co-conspirators obtained unauthorized access to victim organizations before deploying ransomware and demanding payment in exchange for restoring access to critical systems. The attacks took place between November 2019 and April 2020 while Ryuk was among the world's most active ransomware operations.

According to the DOJ:

Between November 2019 through April 2020, Vardanyan illegally accessed computer networks of victim companies to deploy Ryuk ransomware on compromised servers and workstations.
As part of the scheme, ransom payments were extorted from victim companies in exchange for decryption keys to regain access to their data. A ransom note was placed on the computer systems demanding ransom payments in Bitcoin, a form of cryptocurrency, and provided an email address that victims could use to communicate with the cybercriminals.
Vardanyan worked with his co-conspirators to attack a company in Michigan that paid 200 bitcoin or over $1.1 million at the time of payment to restore access to their network.
Vardanyan and his co-conspirators are alleged to have received approximately 1,610 bitcoins in ransom payments from the victim companies, which was valued at over $15 million at the time of payment.

US authorities said Vardanyan was arrested in Kyiv in 2025, extradited to the United States, and entered his guilty plea in federal court in Portland, Oregon. Sentencing is scheduled for later this year, where he faces a maximum prison sentence of 15 years. He has also agreed to pay nearly $1.2 million in restitution to victims.

The investigation involved the FBI alongside Europol, authorities in Ukraine and France, and other international partners. The case follows a series of arrests, extraditions, infrastructure seizures, and sanctions targeting ransomware groups over the past several years.

Ryuk's legacy

While these actions have disrupted many established gangs, ransomware remains one of the most profitable forms of cybercrime, with new groups emerging as older operations are dismantled or rebrand under different names.

Although Ryuk has largely disappeared from today's ransomware landscape, its influence is still felt.

The malware, active between 2018 and 2021, became notorious for targeting hospitals, municipalities, manufacturers, schools, and large enterprises. Rather than relying on mass phishing campaigns alone, Ryuk operators often spent days or weeks inside victim networks, stealing credentials, moving laterally, and identifying the systems whose encryption would cause the greatest disruption.

Security researchers have long associated Ryuk with sophisticated cybercriminal groups operating from Eastern Europe. Many attacks were believed to begin with malware such as TrickBot or Emotet, which provided the initial foothold inside corporate environments.

The campaign helped shape what has since become the standard ransomware playbook:

  • Gain privileged access
  • Disable defenses
  • Encrypt critical assets
  • Pressure victims into paying large sums to restore operations

How to reduce ransomware risk

No single security measure can completely eliminate ransomware risk, but organizations can significantly reduce their exposure by:

  • Enabling multi-factor authentication across all critical accounts
  • Promptly patching internet-facing systems and remote access services
  • Segmenting networks to limit lateral movement
  • Maintaining offline or immutable backups that are regularly tested
  • Monitoring for suspicious credential use and privilege escalation
  • Training employees to recognize phishing and other social engineering attacks
  • Deploying layered endpoint protection capable of detecting ransomware behavior before encryption begins

Advice for small/medium-sized business owners

If you run a small or medium-sized business, thoroughly review your cybersecurity posture to prevent a breach at the hand of professional hacking groups. For some businesses, a ransomware attack can inflict losses that far outweigh the investment in a strong cybersecurity posture.

Bitdefender strongly recommends deploying a dedicated security solution to stem the chances of a successful attack.

Bitdefender Ultimate Small Business Security is an extended version of our consumer-friendly security suite, designed specifically for small and medium-sized firms. It includes malware detection, ransomware prevention, email protection, account breach protection, scam protection, and VPN. It can be administered by anyone in your organization, thanks to a natural, intuitive dashboard designed for use even by non-techies.

You may also want to read:

New Jersey neurology practice fined $25,000 over ransomware incident

How scammers stole $20 million by hacking emails of real estate agents

£3 million fine for a victim of LockBit ransomware