A U.S. court has sentenced Latvian hacker Deniss Zolotarjovs to more than eight years in prison following his conviction for carrying out ransomware attacks.

The Justice Department accused the hacker of working for a notorious Russian ransomware gang called Karakurt, which was led by former leaders of the Akira and Conti ransomware gangs, who were sanctioned by the U.S. Treasury for their alleged links to Russian intelligence.

Prosecutors said members of Karakurt targeted U.S. government entities with attacks that disrupted 911 emergency dispatch systems, and also stole children’s health information. Zolotarjovs was responsible for “escalating pressure” on victims who resisted the gang’s ransom demands, the DOJ said.

While Zolotarjovs’ conviction is notable in itself, U.S. prosecutors said in their press release that the ransomware gang relied on access to Russian government databases and law enforcement connections to intimidate its victims, further underscoring the links between the activities of cybercriminals and the Russian state.

Security researchers have long accused the Russian government of shielding ransomware gangs and malicious hackers from Western law enforcement, including by refusing to extradite its citizens accused of damaging hacks. U.S. officials in recent years have said Russia has become a “safe haven” for cybercriminals, citing the threat from ransomware as one of the top national security challenges facing the United States.

According to the DOJ, the Karakurt ransomware gang “fueled corruption” in the Russian government; these ties to officials allowed the gang’s leaders to avoid paying taxes to the state, and the gang regularly paid bribes to officials who exempted members from compulsory Russian military service.

The Russian Foreign Ministry did not respond to TechCrunch’s request for comment.

Per the DOJ, the Karakurt gang targeted more than 54 companies, with at least $15 million in ransoms paid by the victims. Karakurt does not appear to be an active ransomware gang; some operations change owners and names, sometimes to evade sanctions.

Zolotarjovs was arrested in the country of Georgia in 2023 and extradited to the United States in August 2024. He later pleaded guilty.

(h/t @realhackhistory.org)

Topics

cyberattacks, cybercriminals, cybersecurity, justice department, Kremlin, ransomware, Russian government, Security

When you purchase through links in our articles, we may earn a small commission. This doesn’t affect our editorial independence.

Zack Whittaker

Security Editor

Zack Whittaker is the security editor at TechCrunch. He also authors the weekly cybersecurity newsletter, this week in security.

He can be reached via encrypted message at zackwhittaker.1337 on Signal. You can also contact him by email, or to verify outreach, at zack.whittaker@techcrunch.com.

View Bio

May 27

Athens, Greece

StrictlyVC Athens is up next. Hear unfiltered insights straight from Europe’s tech leaders and connect with the people shaping what’s ahead. Lock in your spot before it’s gone.

DOJ says ransomware gang tapped into Russian government databases