VYPR
breachPublished May 5, 2026· Updated May 17, 2026· 1 source

Conti Ransomware Associate Sentenced to 102 Months for Global Extortion Campaign

A Latvian national has been sentenced to 102 months in prison for his role in a sophisticated ransomware syndicate that extorted over 54 organizations using various aliases, including Conti and Akira.

Deniss Zolotarjovs, a 35-year-old Latvian national, has been sentenced to 102 months in federal prison for his role in a prolific ransomware operation Help Net Security. Zolotarjovs, who resided in Moscow, was a key member of a criminal organization composed of former Conti ransomware associates. The group operated under various aliases, including Karakurt, Royal, Akira, TommyLeaks, and SchoolBoys Ransomware, to conduct widespread extortion campaigns between June 2021 and August 2023 Help Net Security.

The criminal enterprise functioned with a hierarchical structure, reportedly operating out of an office in St. Petersburg, Russia. Prosecutors revealed that the group was staffed by former Russian law enforcement officers who leveraged their professional connections to access government databases, intimidate critics, and facilitate recruitment Help Net Security. To obscure their illicit financial activities, the organization utilized a network of shell companies across Russia, Europe, and the United States.

Zolotarjovs served as a primary negotiator responsible for escalating pressure on victims who were hesitant to pay ransoms. His role involved reviewing stolen data and conducting research on victim companies to identify sensitive information that could be used as leverage Help Net Security. This included the exploitation of Social Security numbers, dates of birth, and highly sensitive healthcare records. In one egregious instance, Zolotarjovs targeted a pediatric healthcare provider, threatening to leak or sell children’s medical records to force payment Help Net Security.

The scale of the group's impact was significant, affecting at least 54 organizations, including a government entity whose 911 emergency system was forced offline during an attack Help Net Security. While detailed loss figures for all victims are not fully accounted for, 41 victims paid approximately $13 million in ransoms. For 13 other companies, documented losses—including $2.8 million in direct ransom payments—exceeded $56 million. Investigators estimate that the total financial damage caused by the group likely reaches into the hundreds of millions of dollars Help Net Security.

Zolotarjovs was apprehended in Georgia in December 2023 and subsequently extradited to the United States. He entered a guilty plea in July 2025 to charges of conspiracy to commit money laundering and wire fraud Help Net Security. Assistant Attorney General A. Tysen Duva emphasized the severity of the crimes, noting that the sentencing marks a significant step in holding international cybercriminals accountable, regardless of their location Help Net Security.

This case highlights the evolving nature of ransomware syndicates, which frequently rebrand and share infrastructure to evade law enforcement. The use of former state-affiliated personnel within these groups demonstrates a sophisticated level of organization and access to sensitive data. As international authorities continue to target the operators behind these ransomware-as-a-service models, the focus remains on dismantling the networks that facilitate the laundering of illicit proceeds and the weaponization of stolen personal information Help Net Security.

Synthesized by Vypr AI
Conti Ransomware Associate Sentenced to 102 Months for Global Extortion Campaign · VYPR