Karakurt extortion gang ‘chilly case’ negotiator will get 8.5 years in jail

A Latvian nationwide extradited to america used to be sentenced to eight.5 years in jail for his “chilly case” negotiator position within the Russian Karakurt ransomware workforce.

35-year-old Deniss Zolotarjovs (Денисс Золотарёвс) of Moscow, Russia, used to be arrested in Georgia, Jap Europe, in December 2023, and pleaded to blame in July 2025 to conspiracy to dedicate twine fraud and cash laundering fees filed in opposition to him in August 2024 after he used to be transferred to U.S. custody.

“Deniss Zolotarjovs helped his ransomware gang take advantage of hacks of dozens of businesses, or even on a central authority entity whose 911 machine used to be pressured offline,” mentioned Assistant Lawyer Common A. Tysen Duva. “He extensively utilized stolen kids’s well being data to extend his leverage to extort sufferer bills.”

Consistent with court docket paperwork, Zolotarjovs (additionally identified on-line as “Sforza_cesarini”) used to be a member of the Karakurt extortion operation (led by means of former Conti ransomware gang leaders) that compromised corporate methods, stole knowledge, and demanded ransom from sufferers beneath risk of publicly leaking or promoting the information to different cybercriminals.

The FBI connected Zolotarjovs with a minimum of six circumstances of extortion in opposition to American organizations between August 2021 and November 2023, and mentioned that his position used to be to barter so-called “chilly case extortions,” when communique with the sufferers had halted with no ransom being paid.

Zolotarjovs performed a key position in coercing sufferers to rethink their stance in opposition to ransom calls for, accomplishing thorough analysis on focused firms and examining stolen private and well being data to extend mental power.

He used to be additionally related to assaults in opposition to sufferer organizations by means of quite a lot of different ransomware teams, together with Conti, Royal, TommyLeaks, SchoolBoys Ransomware, and Akira.

“Of the greater than 54 firms attacked, assaults on simply 13 of the ones firms ended in over $56 million in losses, together with roughly $2.8 million in ransom bills. This loss estimate handiest comprises identified sufferer firms and does now not come with an extra 41 sufferer firms that made $13 million in ransom bills throughout that very same duration however for whom the federal government does now not but have detailed loss statements,” the Division of Justice added.

“Because of fashionable underreporting of ransomware assaults, true loss numbers are unsure, however, extrapolating from the identified sufferers and identified losses, the federal government estimates general losses for the duration of Zolotarjovs’s participation to most probably be within the loads of thousands and thousands of greenbacks.”

Zolotarjovs is the primary Karakurt member to stand fees and be sentenced within the U.S., which might result in the prosecution of extra participants someday.

On Thursday, two former Sygnia and DigitalMint workers have been additionally sentenced to 4 years in jail every for concentrated on U.S. firms in BlackCat (ALPHV) ransomware assaults.