A 51-year-old individual living in Switzerland has been charged with a series of ransomware attacks that targeted businesses across seven countries, including Scotland, the United States, and Canada.

Swiss authorities say the man was part of a criminal network responsible for ransomware attacks involving such malware strains as “LockerGoga”, “Megacortex” and “Nefilim” between December 2018 and May 2020. The ransomware operation was taken down in November 2023 following a joint international law enforcement effort. Earlier this year, the Ukrainian police arrested another suspected member of the group, who was later extradited to the US.

According to the Zurich public prosecutor's office, affected companies in Switzerland, France, Norway, the Netherlands, and other countries suffered losses estimated at 130 million Swiss Francs. Some victims reportedly paid ransoms in Bitcoin, with one company handing over a record 41 million Francs to regain access to its data.

The accused now faces charges of extortion, computer-related crimes, money laundering, and pornography offenses. Prosecutors are seeking a 12-year prison sentence and his deportation from Switzerland. The trial is said to take place at the Zurich District Court, though a date has yet to be set. In total, 12 individuals have been arrested worldwide in connection with the criminal operation.

A hacker who targeted Spanish banks arrested

A joint operation between the Mossos d'Esquadra and Spain’s National Police has led to the arrest of a hacker allegedly responsible for a series of high-profile cyber-attacks.

The suspect, a young man described as having advanced computer skills and currently studying computer science, was apprehended in the town of Roses. Authorities say he is accused of hacking and stealing sensitive data from several Spanish institutions, including banks, a driving school, and a public university.

According to investigators, the stolen information ranged from personal employee and client databases to internal corporate documents. It was either sold or made publicly available on Dark Web forums.

During a raid on the property, the authorities confiscated numerous electronic devices and tools, including a laptop, over thirty SIM cards, multiple mobile phones, external hard drives, and several bank cards registered under different names. At present, authorities are trying to determine the full extend of the data breaches and identify any potential accomplices.

ATM skimmer sentenced to 10 years for stealing thousands of EBT cards

A Romanian national has been sentenced to 10 years in federal US prison for orchestrating a large-scale scheme that targeted low-income families by skimming Electronic Benefit Transfer (EBT) cards.

Catalin-Marius Graur, 43, was also ordered to pay $165,697 in restitution. Graur pleaded guilty in October 2024 to one count of conspiracy to commit bank fraud.

Authorities said Graur traveled across the US, installing advanced skimming devices on ATMs and point-of-sale terminals to harvest account information from unsuspecting users.

In June 2024, federal agents arrested Graur at an Airbnb rental in New York City, where he was found with over $37,000 in cash and 1,488 stolen access device numbers. Investigators later discovered that over a three-year period, Graur had sent more than 36,000 stolen EBT card numbers to a co-conspirator in a Romanian-based criminal organization.

A fraudster extradited to the US to face charges over a $2.5M hack

Chukwuemeka Victor Amachukwu, a 39-year-old Nigerian national, has been extradited from France to the United States to face charges related to a large-scale cybercrime and fraud operation. According to federal prosecutors, Amachukwu was a mastermind behind a major scheme that began around 2019. Along with several accomplices based in Nigeria, he is accused of orchestrating a coordinated effort to hack into American tax preparation firms using phishing emails to steal sensitive data.

With access to thousands of individuals' personal and financial information, the group launched a fraudulent campaign to file fake tax returns totaling approximately $8.4 million, of which the group has managed to obtain about $2.5 million. Using the stolen identities, the perpetrators submitted fraudulent claims to the US Small Business Administration’s Economic Injury Disaster Loan (EIDL) program, securing an additional $819,000 in illegitimate funds.

Amachukwu has been charged with computer intrusion, which carries a maximum sentence of five years. Additionally, he faces two counts of conspiracy to commit wire fraud, each punishable by up to 20 years in prison, along with two more wire fraud charges carrying the same potential penalties. He also faces a charge of aggravated identity theft, which mandates an extra two years of incarceration if convicted. Court documents also mention another accomplice, Kingsley Uchelue Utulu, although his whereabouts and legal status are currently unknown.

The US authorities stepped up efforts to curb fraud schemes involving cybercriminals using stolen identities to claim government funds. In 2021, a Russian national was sentenced to five years for trying to steal $1.5 million by hacking tax preparation firms. In April of this year, three men were sentenced to federal prison for orchestrating a multi-year conspiracy known as Stolen Identity Refund Fraud (SIRF), in which they illegally obtained personal identifying information from victims and used it to file fraudulent tax returns. The total amount of tax refunds claimed through the scheme was almost $5 million. As a result, the US Department of the Treasury and the Internal Revenue Service incurred losses of over $390,000.

Get a Demo

ImmuniWeb can help you to prevent data breaches and meet regulatory requirements.

Tornado Cash co-founder convicted in a major crypto laundering case

Roman Storm, co-founder of the cryptocurrency platform Tornado Cash, was convicted of conspiring to operate an unlicensed money-transmitting business that laundered more than $1 billion.

Storm was found guilty of a single conspiracy charge, while the jury deadlocked on two more serious counts: conspiracy to launder money and conspiracy to violate US sanctions laws. The unresolved charges carried potential sentences of up to 20 years in prison.

Prosecutors argued that Tornado Cash functioned as a “giant washing machine” for illegal crypto transactions helping cybercriminals, including the North Korea-linked hacking group Lazarus Group, accused of multiple major cryptocurrency heists, hide stolen digital assets. The platform, launched in 2019, allowed users to pool and anonymize cryptocurrency transactions using decentralized smart contracts.

In 2022, the US Treasury sanctioned the Tornado Cash virtual currency mixer under the International Emergency Economic Powers Act (IEEPA), however, three years later, in March 2025, the Treasury lifted restrictions.

As previously reported, Storm was indicted alongside fellow co-founder Roman Semenov in 2023, who currently remains at large. In 2024, another co-founder, Alexey Pertsev, was sentenced to 64 months in prison by a Dutch court for facilitating money laundering through the platform. In February 2025, Pertsev was released under the condition that he remains under electronic monitoring after spending three years in pretrial detention. According to Pertsev’s July 2025 post on X, he continues his legal battle and is still working on an appeal.