A U.S. court has imposed a sentence of over eight years on Latvian hacker Deniss Zolotarjovs, following his conviction for orchestrating ransomware attacks.
The Justice Department has accused Zolotarjovs of being affiliated with the infamous Russian ransomware group known as Karakurt. This organization is reportedly led by former members of the Akira and Conti gangs, both of which have faced sanctions from the U.S. Treasury due to their alleged connections with Russian intelligence.
Prosecutors highlighted that Karakurt specifically targeted U.S. government entities, causing disruptions to critical services such as 911 emergency dispatch systems and compromising sensitive health information related to children. Zolotarjovs played a key role in applying "escalating pressure" on victims who resisted the gang's ransom demands, according to the DOJ.
While Zolotarjovs' conviction is significant, U.S. prosecutors emphasized that the Karakurt gang leveraged access to Russian government databases and law enforcement connections to intimidate victims. This connection underscores the troubling relationship between cybercriminal activities and the Russian state.
Security experts have long pointed to the Russian government as providing a protective shield for ransomware groups, often refusing to extradite its citizens accused of cybercrimes. U.S. officials have increasingly labeled Russia as a "safe haven" for cybercriminals, identifying ransomware threats as a critical national security issue.
The DOJ indicated that the Karakurt gang has contributed to corruption within the Russian government, allowing its leaders to evade taxes and even pay bribes to avoid mandatory military service.
Although the Russian Foreign Ministry has not commented on this matter, the DOJ reported that Karakurt targeted over 54 companies, with victims paying at least $15 million in ransom. Currently, it appears that Karakurt is not an active ransomware group, as operations often change ownership or names to circumvent sanctions.
Zolotarjovs was apprehended in Georgia in 2023 and was extradited to the U.S. in August 2024, where he subsequently pleaded guilty.