The 22-year-old suspect, named as "Jaroslaw Wasinskij," was arrested at the Dorohusk border crossing between Poland and Ukraine on October 8 "thanks to cooperation between Polish and American security services," including Poland's Internal Security Agency (ABW) and the FBI, according to the gov.pl website.
The man has been accused of numerous computer crimes, a spokesman for Poland's security services, Stanisław Żaryn, told the media.
Żaryn said in a statement that Wasinskij "is accused of cybercrime involving ... gaining unauthorized access to protected data by installing malware and paralyzing IT systems through data encryption, and then demanding ransom fees."
Wasinskij is believed to have been part of the REvil cybercriminal group, which is suspected of staging ransomware attacks on up to 1,500 institutions and companies in various countries, including many in the United States, according to Żaryn.
The detention took place after US prosecutors issued an arrest warrant for the Ukrainian in August, Żaryn said in his statement.
The suspect faces up to 100 years in prison if found guilty of the charges and convicted in the United States, the statement added.