A federal court has witnessed a significant development in a major ransomware case involving a scam that allegedly extorted over $15 million in Bitcoin from businesses across the United States. On July 8, 2026, Armenian citizen Karen Serobovich Vardanyan pleaded guilty to charges of conspiracy and computer fraud related to a series of attacks executed using the notorious Ryuk ransomware from late 2019 to early 2020.
The Ryuk operation is said to have targeted numerous organizations, crippling their systems and leaving them with encrypted files and disrupted services. Victims were coerced into paying hefty ransoms in cryptocurrency to regain access to their critical data. Notably, one Michigan company reportedly transferred as much as 200 Bitcoin, equivalent to more than $1.1 million, to restore their operations.
According to federal prosecutors, the scheme involved sending ransom notes that demanded Bitcoin payments in exchange for decryption keys. These notes provided an email address for victims to communicate, setting the stage for negotiations between the hackers and the affected companies.
The cybercriminal activities, which utilized sophisticated methods to infiltrate corporate networks, significantly impacted the operations of many businesses. For example, a technology firm in Wilsonville, Oregon, along with a school district in Texas, also fell prey to these attacks in February 2020. Prosecutors stated that the overall toll from these ransomware incidents resulted in the collection of approximately 1,610 Bitcoin during the campaign.
As Vardanyan's guilty plea unfolds, he faces substantial restitution obligations exceeding $1.1 million, alongside anticipated sentencing, which could involve considerable prison time and financial penalties. Federal authorities, including the FBI and the Justice Department, have been actively involved in this investigation, coordinating efforts to bring those responsible to justice.
This case underscores the ongoing battle against cybercrime and the far-reaching consequences of ransomware attacks that force companies into difficult positions, often compelling them to make significant payments to regain control of their data.
This article is for informational purposes only and should not be considered financial advice.



