Latvian Ransomware Negotiator Sentenced for $56 Million Scheme

Severity: Medium (Score: 48.9)

Sources: Aol, www.cincinnati.com, Local12

Summary

Deniss Zolotarjovs, a 35-year-old Latvian national, was sentenced to 8½ years in prison for his role in a ransomware operation that extorted over $56 million from more than 53 entities, including government agencies and healthcare providers in Ohio. The attacks involved the theft and encryption of sensitive data, including Social Security numbers and health information. Zolotarjovs was a negotiator for the Russian-based ransomware group known as Karakurt, TommyLeaks, and SchoolBoys Ransomware, demanding ransoms ranging from $25,000 to $13 million. He received 10% of the ransom payments, typically paid in cryptocurrency. His group caused significant disruptions, including hacking a government agency's 911 system. Zolotarjovs was arrested in Georgia in 2023 after attempting to negotiate a deal with the FBI. He pleaded guilty to conspiracy to commit money laundering and wire fraud in 2025. Key Points: • Deniss Zolotarjovs was sentenced to 8½ years for his role in a $56 million ransomware scheme. • The ransomware group targeted over 53 entities, including a government agency's 911 system. • Zolotarjovs received 10% of ransom payments, often paid in cryptocurrency.

Key Entities

• Ransomware (attack_type)
• Healthcare (industry)
• T1486 - Data Encrypted for Impact (mitre_attack)
• T1567 - Exfiltration Over Web Service (mitre_attack)
• Karakurt (ransomware_group)
• SchoolBoys Ransomware (ransomware_group)
• TommyLeaks (ransomware_group)