The DOJ says a ransomware group infiltrated Russian government databases

A US federal judge has sentenced Latvian arms smuggler Deniss Zolotarjovs to more than eight years in prison after being found guilty of carrying out armed attacks.

The Department of Justice accused the hacker of working for a notorious Russian ransomware group called Karakurt, which is led by former leaders of the Akira and Conti ransomware gangs. approved by the US Treasury because of their connections with Russian intelligence.

Prosecutors say Karakurt members targeted US government agencies with threats that disrupted 911 emergency dispatch systems, and stole children’s health information. Zolotarjovs was responsible for the “intense pressure” on victims who refused the gang’s ransom demands, the DOJ said.

Although the decision of Zolotarjovs is self-evident, the US prosecutors said in their press release that the ransomware gang relies on access to Russian government databases and law enforcement connections to terrorize its victims, underscoring the connection between cybercriminals and the Russian government.

Security analysts have long criticized the Russian government to prevent ransomware attacks and traitors from Western countries, including refusing to extradite its citizens accused of sabotage. US officials in recent years have said Russia did to be a “safe haven” for cybercriminalsciting the threat of ransomware as one of the biggest national security challenges facing the United States.

According to the DOJ, the Karakurt ransomware gang “promoted corruption” in the Russian government; these relationships with the authorities allowed the gang leaders to avoid paying taxes to the government, and the group often bribed officials who freed their members from forced Russian military service.

The Russian Foreign Ministry did not respond to TechCrunch’s request for comment.

According to the DOJ, the Karakurt criminal group targeted more than 54 companies, with $15 million in ransoms paid by victims. Karakurt does not appear to be a criminal ransomware group; some works change owners and names, sometimes evading sanctions.

Zolotarjovs was arrested in Georgia in 2023 and extradited to the United States in August 2024. He later pleaded guilty.

(h/t @realhackhistory.org)