Karakurt Extortion Negotiator Sentenced to 8.5 Years in U.S. Prison
A Latvian national has been sentenced to 8.5 years in U.S. prison for his role as a negotiator for the Karakurt extortion gang, a group linked to hundreds of millions of dollars in losses and deep ties to Russian state corruption.
Deniss Zolotarjovs, a 35-year-old Latvian national, has been sentenced to 8.5 years in a U.S. federal prison for his role as a negotiator for the Karakurt extortion group. Zolotarjovs, who operated under the alias "Sforza_cesarini," was arrested in Georgia in December 2023 and extradited to the United States, where he pleaded guilty in July 2025 to conspiracy to commit wire fraud and money laundering BleepingComputer.
The Karakurt group, which included former leaders from the notorious Conti ransomware gang, specialized in compromising corporate networks to steal sensitive data. Rather than relying solely on encryption, the group extorted victims by threatening to leak or sell stolen information. Zolotarjovs served as a "cold case" negotiator, tasked with re-engaging victims who had initially refused to pay ransoms. He utilized stolen personal and health information—including data belonging to children—to exert psychological pressure and force organizations to reconsider their stance BleepingComputer.
The FBI linked Zolotarjovs to at least six specific extortion cases involving American organizations between August 2021 and November 2023. His activities extended beyond Karakurt; court documents indicate he was associated with attacks involving other prominent ransomware syndicates, including Conti, Royal, TommyLeaks, SchoolBoys Ransomware, and Akira. In one notable instance, the group’s actions forced a government entity’s 911 system offline BleepingComputer.
The financial impact of the group’s operations is significant. The Department of Justice reported that among 54 identified victim companies, 13 suffered losses exceeding $56 million, including $2.8 million in direct ransom payments. An additional 41 companies paid approximately $13 million in ransoms. Given the prevalence of underreporting, the government estimates that total losses linked to Zolotarjovs's period of activity likely reach into the hundreds of millions of dollars BleepingComputer.
The investigation into Zolotarjovs revealed deep ties between the Karakurt group and Russian infrastructure. The DOJ noted that members co-opted Russian government databases and law enforcement connections to harass detractors and vet new recruits. Furthermore, the group’s leadership reportedly paid bribes to exempt members from compulsory military service and avoided local taxes through systemic corruption BleepingComputer.
Zolotarjovs is the first member of the Karakurt organization to be sentenced in the United States. His prosecution marks a significant milestone in the ongoing effort to dismantle the group, potentially opening the door for further legal actions against other members, some of whom are identified as former Russian law enforcement officials. This sentencing comes alongside broader U.S. efforts to combat ransomware, including the recent four-year prison sentences handed down to two individuals involved in BlackCat (ALPHV) attacks BleepingComputer.