DOJ: Ransomware Gang Tapped Russian Government Databases
U.S. prosecutors revealed the Russian ransomware gang Karakurt accessed government databases and used law enforcement ties to evade taxes and military service, following the sentencing of hacker Deniss Zolotarjovs. This highlights Russia's role as a cybercriminal "safe haven."
The U.S. Justice Department has revealed that the notorious Russian ransomware group Karakurt operated with direct access to Russian government databases and leveraged law enforcement connections to further its criminal enterprise. This revelation came during the sentencing of Latvian hacker Deniss Zolotarjovs, who received over eight years in prison for his involvement in the gang’s attacks, which included disrupting 911 emergency services and stealing sensitive health data.
Zolotarjovs, a key figure in applying "escalating pressure" on victims refusing to pay ransoms, was convicted for his role in the Karakurt operations. The gang, formed by individuals previously linked to the Akira and Conti ransomware groups—both of which were sanctioned by the U.S. Treasury for alleged ties to Russian intelligence—represents a stark example of the intertwined nature of cybercrime and state apparatus in Russia, according to U.S. prosecutors.
The explicit connection to Russian state resources outlined by the DOJ underscores a long-held accusation by security researchers: that the Russian government actively shields cybercriminals from Western justice. This alleged sanctuary has transformed Russia into a “safe haven” for hackers, as noted by U.S. officials, making ransomware a significant national security threat to the United States. The Russian Foreign Ministry has not responded to inquiries regarding these claims.
According to the Justice Department's press release, the Karakurt gang’s illicit activities extended beyond typical ransomware operations to "fueling corruption" within the Russian government itself. This corruption manifested in tangible benefits for the gang’s leadership, who allegedly used their government ties to evade state taxes and, through bribes to officials, secure exemptions from compulsory military service for their members. These details paint a picture of a criminal organization deeply embedded within and benefiting from state institutions.
Karakurt targeted more than 54 companies, extracting at least $15 million in ransom payments from its victims. Among its particularly egregious attacks were those against U.S. government entities, which caused significant disruption, including to critical 911 emergency dispatch systems. The gang also illicitly obtained children's health information, highlighting the wide-ranging and damaging scope of their cyber-operations. While Karakurt itself no longer appears to be an active entity, ransomware operations frequently rebrand or change ownership to circumvent international sanctions and law enforcement efforts.
The sentencing of Zolotarjovs marks a significant win for international law enforcement. He was apprehended in Georgia in 2023 and subsequently extradited to the United States in August 2024, where he later pleaded guilty to the charges. His conviction, coupled with the DOJ's detailed allegations, casts a critical light on the operational environment for cybercriminals within Russia and the challenges faced by global efforts to combat ransomware. The case serves as a potent reminder of the complex interplay between national interests, geopolitical tensions, and the escalating threat of state-backed or state-enabled cybercrime.
FAQ
Q: What is the significance of the DOJ's announcement regarding Karakurt?
A: The U.S. Justice Department's statement is significant because it explicitly details how the Karakurt ransomware gang not only operated from Russia but also leveraged direct access to Russian government databases and connections with law enforcement officials. This indicates a deeper level of state enablement and corruption than previously confirmed for many such groups.
Q: Who is Deniss Zolotarjovs and what was his role in the Karakurt gang?
A: Deniss Zolotarjovs is a Latvian hacker who was sentenced to over eight years in prison for his involvement with the Karakurt ransomware gang. His specific role included "escalating pressure" on victims who resisted the gang's ransom demands, a critical component of their extortion tactics.
Q: How did the Karakurt gang benefit from its alleged ties to Russian officials?
A: The gang leaders allegedly benefited significantly from their ties to Russian officials, using them to "fuel corruption." This allowed them to avoid paying state taxes and to secure exemptions from Russia's compulsory military service for their members through bribery, in addition to using government databases for their criminal activities.
Related articles
Microsoft Unveils ASSERT, Simplifying AI Behavior Testing with Text
Microsoft has launched ASSERT, an open-source framework designed to simplify AI behavior testing. It enables developers to create comprehensive, application-specific evaluations using natural language descriptions, ensuring AI systems act as intended for particular products and services. The tool translates high-level goals into structured tests, generates scenarios, scores results, and logs execution paths.
Trump Orders Voluntary AI Model Review Before Release
President Trump has signed an executive order creating a voluntary framework for AI companies to share advanced models with the federal government before release. This initiative aims to bolster secure innovation and protect critical infrastructure, reflecting a shift from the administration's previous hands-off approach to AI safety. Companies opting for pre-release review may receive confidentiality protections.
Blue Origin's New Glenn Explosion: Key Components Survive, 2026
Blue Origin announced that critical fuel tanks and key launch pad components survived last week's New Glenn rocket explosion, paving a faster path back to flight. CEO Dave Limp pledges a return to orbital missions before year-end, which is crucial for NASA's Artemis lunar program to maintain its tight schedule for crewed landings.
ZeroDrift raises $10M to protect AI models from themselves: AI
ZeroDrift, an AI compliance startup, has secured $10 million in seed funding from investors like a16z Speedrun. The company's service acts as a crucial intermediary, detecting compliance violations in AI-generated messages and rewriting them to meet regulatory standards like SOC 2 and GDPR. This rapid, oversubscribed funding round highlights the urgent demand for robust AI governance solutions as businesses scale AI adoption.
startups: The White House is at war with itself over who gets to
An intense internal power struggle within the Trump administration has stalled US federal AI regulation, leaving a policy vacuum after Anthropic's Mythos model revealed critical cybersecurity risks. Factions within the Commerce Department, intelligence agencies, and pro-industry groups are locked in a "knife fight" over who gets to evaluate and oversee advanced AI systems. This paralysis follows the abrupt cancellation of a landmark executive order and the unexplained withdrawal of AI testing announcements.
Melinda French Gates Scores Minority Stake in Seattle Kraken
Billionaire philanthropist Melinda French Gates is making a significant entry into professional sports, announcing Monday, June 1, 2026, that she is taking a minority stake in the Seattle Kraken hockey team. The