A highly redacted indictment unsealed Thursday describes the Nefilim ransomware scheme, alleging that Stryzhak and others agreed to give administrators 20 percent of their proceeds in exchange for access to the malware. A Ukrainian citizen has been charged and extradited to the United States for allegedly using Nefilim ransomware to attack large companies in the U.S. and elsewhere, federal prosecutors said Thursday. “The perpetrators of Nefilim typically customized the ransomware executable file for each victim, creating a unique decryption key and customized ransom notes,” the news release said. Stryzhak’s access to the ransomware began in June 2021, prosecutors said, and he was encouraged to target companies in the U.S., Canada or Australia with more than $200 million in annual revenue. Nefilim attacks have caused “millions of dollars in losses” overall between ransom payments and damage to computer systems, the news release said. The indictment says Nefilim victims in the U.S. included companies in industries such as aviation, engineering, chemicals, eyewear, insurance, construction, energy and pet care. Artem Stryzhak, 35, was arrested in Spain in 2024 and sent to the U.S. on Tuesday, according to a news release from the U.S. attorney for the Eastern District of New York. At its peak, Nefilim was known for securing larger payouts in comparison to other operations who were less choosy with targets.
This Cyber News was published on therecord.media. Publication date: Thu, 01 May 2025 20:45:12 +0000