A suspected member of the Ryuk ransomware operation has pleaded guilty in the United States after admitting to helping compromise corporate networks and deploy ransomware against multiple organizations.
Karen Serobovich Vardanyan, 34, was extradited from Ukraine after his arrest in Kyiv in April 2025. Prosecutors say he provided initial access to victim networks before ransomware was deployed.
Attacks Targeted Multiple US Organizations
According to court documents, Vardanyan participated in attacks carried out between November 2019 and April 2020.
Investigators say he and his co-conspirators illegally accessed corporate networks before deploying Ryuk ransomware across hundreds of servers and workstations.
One of the victims was a Michigan company that paid a ransom of 200 Bitcoin, valued at more than $1.1 million at the time. Prosecutors also identified a technology company in Wilsonville, Oregon, and a school in Texas as additional victims.
Millions Collected Through Ryuk Attacks
The U.S. Department of Justice says the group received roughly 1,610 Bitcoin in ransom payments during the attacks.
At the time, the cryptocurrency was worth approximately $15 million.
The Ryuk ransomware gang operated between 2018 and mid-2020. During that period, it became one of the world’s most active ransomware operations. The group targeted organizations across numerous industries, including healthcare providers during the COVID-19 pandemic.
Security researchers estimate the gang attacked around 20 organizations every week at its peak and generated more than $150 million in ransom payments.
Ryuk Members Later Joined Conti
After Ryuk shut down in 2020, many of its members moved to the Conti ransomware operation.
Conti quickly became one of the most prolific cybercrime groups before collapsing in 2022. Its internal chats and source code were leaked online, causing the operation to fragment into multiple smaller groups. Several of those groups remain active today.
Sentencing Scheduled for September
A federal grand jury indicted Vardanyan in February 2024. He is scheduled to be sentenced in September 2026.
He faces a maximum prison sentence of 15 years on two criminal charges. Each charge also carries a potential fine of up to $250,000.
As part of his plea agreement, Vardanyan has also agreed to pay more than $1.1 million in restitution.


0 responses to “Ryuk Ransomware Member Pleads Guilty, Faces Up to 15 Years in US Prison”