Blog Details

A Latvian nationwide extradited to the US was sentenced to eight.5 years in penal advanced for his “cold case” negotiator role within the Russian Karakurt ransomware crew.

35-year-historical Deniss Zolotarjovs (Денисс Золотарёвс) of Moscow, Russia, was arrested in Georgia, Eastern Europe, in December 2023, and pleaded responsible in July 2025 to conspiracy to commit wire fraud and money laundering charges filed in opposition to him in August 2024 after he was transferred to U.S. custody.

“Deniss Zolotarjovs helped his ransomware gang profit from hacks of dozens of companies, and even on a government entity whose 911 system was forced offline,” said Assistant Attorney Standard A. Tysen Duva. “He also used stolen children’s health information to increase his leverage to extort victim payments.”

Per court documents, Zolotarjovs (moreover identified online as “Sforza_cesarini”) was a member of the Karakurt extortion operation (led by old Conti ransomware gang leaders) that compromised company methods, stole data, and demanded ransom from victims below risk of publicly leaking or selling the info to varied cybercriminals.

The FBI linked Zolotarjovs with a minimum of six instances of extortion in opposition to American organizations between August 2021 and November 2023, and said that his role was to negotiate so-known as “cold case extortions,” when verbal change with the victims had halted with out a ransom being paid.

Zolotarjovs done a key role in coercing victims to rethink their stance in opposition to ransom demands, conducting thorough study on targeted companies and analyzing stolen deepest and successfully being data to develop psychological stress.

He was moreover associated to assaults in opposition to sufferer organizations by a quantity of assorted ransomware groups, including Conti, Royal, TommyLeaks, SchoolBoys Ransomware, and Akira.

“Of the more than 54 companies attacked, attacks on just 13 of those companies resulted in over $56 million in losses, including approximately $2.8 million in ransom payments. This loss estimate only includes known victim companies and does not include an additional 41 victim companies that made $13 million in ransom payments during that same period but for whom the government does not yet have detailed loss statements,” the Department of Justice added.

“Due to widespread underreporting of ransomware attacks, true loss numbers are uncertain, but, extrapolating from the known victims and known losses, the government estimates total losses for the period of Zolotarjovs’s participation to likely be in the hundreds of millions of dollars.”

Zolotarjovs is the first Karakurt member to face charges and be sentenced within the U.S., which could maybe well also lead to the prosecution of extra members within the lengthy dawdle.

On Thursday, two old Sygnia and DigitalMint employees had been moreover sentenced to four years in penal advanced every for focusing on U.S. companies in BlackCat (ALPHV) ransomware assaults.