In a significant move against cybercrime, the U.S. Department of Justice (DOJ) has charged a 33-year-old Latvian national, Deniss Zolotarjovs, with money laundering, financial fraud, and extortion. Zolotarjovs, who resided in Moscow, was apprehended by law enforcement in Georgia in December 2023 and was recently extradited to the United States.
Court documents reveal that Zolotarjovs is allegedly linked to the notorious ransomware group Karakurt, a cybercrime organization known for stealing sensitive data from victims and threatening to release it unless a ransom is paid in cryptocurrency. Karakurt operates a leak site and auction portal where it lists victim companies and offers stolen data for download. The group’s ransom demands have varied widely, ranging from $25,000 to $13 million in Bitcoin.
The DOJ’s investigation suggests that Karakurt may have ties to the now-defunct Conti ransomware gang, with some researchers believing that Karakurt was a side operation designed to monetize stolen data when the primary ransomware attack was thwarted.
Zolotarjovs, who allegedly used the alias “Sforza_cesarini,” is accused of being an active member of Karakurt. His charges include communicating with other members of the group, laundering cryptocurrency, and extorting victims. The DOJ reports that Zolotarjovs is the first alleged member of Karakurt to be arrested and extradited to the United States.
Zolotarjovs is believed to have been involved in at least six cyberattacks on unnamed U.S. companies. In one notable incident in 2021, Karakurt stole a large volume of private client data, including medical records, Social Security numbers, and other sensitive information. The group initially demanded a ransom of approximately $650,000, but the affected company managed to negotiate the amount down to $250,000.
Court documents also suggest that Zolotarjovs played a key role in conducting negotiations for what are known as “cold case extortions”—extortion cases that had gone unresolved for an extended period. He is believed to have used open-source research to identify contact information for victims, pressuring them to either pay the ransom or re-engage with the ransomware group. According to the DOJ, some of these efforts were successful in extracting additional ransom payments.
Zolotarjovs’ arrest and extradition mark a significant step in the ongoing effort to combat ransomware and hold cybercriminals accountable for their actions. The case continues to unfold as the DOJ seeks justice for the victims of Karakurt’s cyberattacks.
