Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1838+ Articles
149+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
  1. Home
  2. News
  3. Ryuk Operator Pleads Guilty; BlackCat/AlphV Conspirator Gets Nearly 6-Year Sentence
Ryuk Operator Pleads Guilty; BlackCat/AlphV Conspirator Gets Nearly 6-Year Sentence
NEWS

Ryuk Operator Pleads Guilty; BlackCat/AlphV Conspirator Gets Nearly 6-Year Sentence

A Ryuk ransomware operator pleaded guilty in Oregon federal court while a BlackCat/AlphV conspirator received a 70-month prison sentence in Florida, marking twin ransomware enforcement victories in a single day.

Dylan H.

News Desk

July 11, 2026
3 min read

Twin Ransomware Verdicts Hit Federal Courts on the Same Day

In a banner day for ransomware accountability, US federal courts handed down two significant rulings on July 10, 2026 — one guilty plea from a Ryuk ransomware operator and a nearly six-year prison sentence for a BlackCat/AlphV extortion conspirator — signalling the sustained pressure law enforcement is placing on ransomware ecosystems.

Ryuk Operator Pleads Guilty in Oregon

An individual accused of deploying Ryuk ransomware entered a guilty plea Wednesday in an Oregon federal district court, admitting to conspiracy and computer fraud charges. Ryuk — a ransomware strain that dominated enterprise and government targeting from 2018 through the early 2020s — was responsible for hundreds of millions of dollars in damages across healthcare, education, and critical infrastructure sectors before its affiliate network gradually shifted to successor strains.

Details of the specific attacks involved in the Oregon case were not fully disclosed in public court filings, but the conspiracy charge indicates the defendant participated in a broader criminal enterprise beyond simply deploying the malware. Computer fraud charges typically encompass unauthorized access and the resulting data damage.

BlackCat/AlphV Conspirator Sentenced to 70 Months

Separately, a Florida federal court sentenced a co-conspirator who assisted the BlackCat/AlphV ransomware group to 70 months (approximately five years and ten months) in federal prison. BlackCat/AlphV operated as a sophisticated Ransomware-as-a-Service (RaaS) platform from 2021 until a law enforcement takedown in late 2023, during which it amassed hundreds of victims across critical sectors globally.

This sentencing is the third known case of a US-based security professional being imprisoned for involvement with a ransomware gang, raising fresh scrutiny of the insider threat posed by individuals with legitimate cybersecurity backgrounds who cross into criminal activity.

Context: Ransomware Accountability Escalating

These cases are part of a broader enforcement trend. Since 2022, the US Department of Justice has:

  • Charged or indicted over a dozen ransomware actors tied to LockBit, BlackCat, Hive, and Ryuk/Conti families
  • Coordinated multi-country takedowns of RaaS infrastructure
  • Progressively pursued affiliates, not just core developers

The combination of plea agreements and substantial prison terms serves as a deterrent signal: participation at any level of a ransomware operation — including as an affiliate or support actor — carries serious criminal exposure.

What This Means for Defenders

While individual prosecutions don't eliminate the ransomware threat, each conviction reduces the supply of skilled actors willing to operate in the ecosystem. Organizations should continue to:

  • Maintain offline, tested backups
  • Enforce endpoint detection and response (EDR) tooling
  • Monitor for lateral movement and credential theft, which often precede ransomware deployment
  • Conduct tabletop exercises simulating ransomware scenarios

Sources

  • The Record: Ryuk operator pleads guilty; AlphV conspirator sentenced
#Ransomware#Cybercrime#Law Enforcement#Ryuk#BlackCat

Related Articles

Third US Security Expert Sentenced to Prison for Helping Ransomware Gang

Angelo Martino, a former ransomware negotiator turned insider threat, was sentenced to 70 months in federal prison for actively assisting the BlackCat/AlphV ransomware group — the third known case of a US cybersecurity professional imprisoned for aiding a ransomware operation.

3 min read

Armenian National Pleads Guilty to Ryuk Ransomware Attacks

Karen Vardanyan, an Armenian national, has pleaded guilty to federal charges related to Ryuk ransomware attacks and faces up to 15 years in prison with $1.2 million in restitution.

3 min read

Alleged Scattered Spider Hacker Peter Stokes Extradited to the United States

Peter Stokes, 19, a dual US-Estonian citizen known online as 'Bouquet,' has been extradited from Finland to face federal charges for his alleged role in...

3 min read
Back to all News