A member of the Russian Karakurt ransomware group has been charged in the U.S. for money laundering, wire fraud, and extortion crimes.
An investigation from the FBI uncovered that 33-year-old Deniss Zolotarjovs was a member of the Karakurt extortion operation that compromised company systems, stole data, and then demanded a ransom from the victims under the threat of leaking the information publicly or selling it to other cybercriminals.
The man is a Latvian national who lived in Moscow, Russia. In December 2023 he was arrested in Georgia, Eastern Europe, and was extradited to the U.S. earlier this month.
“According to court documents, Zolotarjovs is a member of a known cybercriminal organization that attacks computer systems of victims around the world,” the U.S. Department of Justice (DoJ) says in a press release.
“The group maintains a leaks and auction website that lists victim companies and offers stolen data for download.”
Karakurt ‘cold case’ negotiator
Although the DoJ did not name the ransomware operation, court documents show Zolotarjovs’ connection to Karakurt, where he operated under the alias “Sforza_cesarini.”
Specifically, the FBI has linked Zolotarjovs with at least six cases of extortion impacting American organizations that occurred between August 2021 and November 2023.
In one of those cases, a victimized company paid Karakurt a ransom of more than $1.3 million. Another victim negotiated and paid $250,000 to the threat actor to avoid having its data leaked.
Zolotarjovs’s role was to negotiate so-called “cold case extortions” for the Karakurt operation, when communication after the attack had halted without a ransom being paid.
Zolotarjovs was identified through cryptocurrency tracing, communication analysis, and data obtained from search warrants executed on Rocket.Chat, linking him to the extortion and money laundering activities.
Karakurt is a cyber gang that launched operations in mid-2021, focusing exclusively on data exfiltration and extortion without deploying any encryption tools in the attacks.
Between September and November 2021, the group had published 40 victims on its public leaks site, 95% of them being based in North America.
In April 2022, Karakurt was exposed as being a data extortion arm of Conti, a notorious cybercrime syndicate that has since been dismantled.
In June 2022, the U.S. government warned victims of Karakurt not to pay a ransom, noting that the hackers would most likely sell the data to others anyway, and not delete it as promised.
The next month, Karakurt launched a search tool on its leak site to make it easier to find specific data in the stolen datasets, effectively empowering the blackmail process and increasing the pressure on the victims.
Zolotarjovs is the first Karakurt member to be arrested and extradited to the U.S., and this success may lead to the identification and prosecution of more members in the future.
Regarding the potential sentence, each of the mentioned crimes incurs a maximum of 20 years in prison, plus a fine of up to $500,000 or twice the value of property involved in the transaction for conspiracy to commit money laundering.