A Latvian national has been sentenced to eight and a half years in a United States prison for his role in the Karakurt ransomware operations. Deniss Zolotarjovs, 35, was apprehended in Georgia in December 2023 and extradited to the US in August the following year, where he later admitted to his crimes in July 2025.
Background on the Karakurt Ransomware Group
The Karakurt group, associated with the notorious Conti collective and known by several aliases such as TommyLeaks and Schoolboys Ransomware Gang, was a major player in the ransomware landscape several years ago. In 2022, US authorities issued a warning regarding the group’s widespread attacks across various sectors, emphasizing their strategy of stealing sensitive data to demand ransom payments.
Details of the Crimes
Zolotarjovs was linked to the Karakurt group from June 2021 until March 2023. During this period, the group targeted at least 53 organizations, resulting in financial damages amounting to $56 million. Although Zolotarjovs did not partake in the actual hacking activities, he was pivotal in the extortion processes, engaging in negotiations and advising on ransom demands.
Evidence presented in court revealed that Zolotarjovs played a crucial role in analyzing stolen information and conducting ransom dialogues with victims. In one specific case, involving a pediatric healthcare provider, he suggested increasing pressure by threatening to release sensitive patient data.
Financial Gains and Sentencing
According to court documents, Zolotarjovs received a 10% share of the ransom payments, which were made in cryptocurrency. These funds were then laundered through multiple digital wallets before being converted into Russian rubles.
This case underscores the persistent threat posed by ransomware groups and highlights the importance of international cooperation in combating cybercrime. Experts continue to emphasize the need for organizations to enhance their cybersecurity measures to protect against such malicious activities.
The sentencing of Zolotarjovs serves as a significant legal victory in the ongoing battle against cybercriminals, providing a deterrent effect and raising awareness about the sophisticated methods employed by these groups.
