Latvian Ransomware Negotiator Sentenced for $56 Million Cyber Extortion Scheme

Latvian Ransomware Negotiator Sentenced for $56 Million Cyber Extortion Scheme

First seen 5 May 2026, 01:07 UTC AolLocal12BleepingcomputerThecyberexpressWcpo+5 87% similarity 68.0

Article Content

Browse articles
ThreatCluster

Deniss Zolotarjovs, a 35-year-old Latvian national, was sentenced to 8.5 years in federal prison for his role in a ransomware organization linked to over 54 cyberattacks on various companies from June 2021 to August 2023. The group, known as Karakurt, TommyLeaks, and SchoolBoys Ransomware, extorted victims by threatening to leak sensitive data, including Social Security numbers and health records. Zolotarjovs was primarily responsible for negotiating ransom payments, which totaled approximately $16 million, and he received a 10% cut of the ransoms paid. His tactics included leveraging stolen children's health information to pressure victims, leading to significant financial losses exceeding $56 million. The FBI noted that the group operated with a structured hierarchy and had connections to former Russian law enforcement. Zolotarjovs was arrested in Georgia in December 2023 and extradited to the U.S. in August 2024, where he pleaded guilty to conspiracy to commit money laundering and wire fraud.

Key Points: • Deniss Zolotarjovs was sentenced to 8.5 years for extorting over 54 companies. • The ransomware group caused financial losses exceeding $56 million, including $16 million in ransoms. • Zolotarjovs used sensitive data, including children's health records, to coerce victims into paying.

ThreatCluster AI

Timeline

2023-12-01
Zolotarjovs arrested in Georgia.
2024-08-01
Zolotarjovs extradited to the U.S.
2025-07-01
Zolotarjovs pleads guilty to money laundering and wire fraud.
2026-05-04
Zolotarjovs sentenced to 8.5 years in prison.

Community

Browse all →