DOJ: Ransomware Gang Tapped Russian Government Databases
U.S. prosecutors revealed the Russian ransomware gang Karakurt accessed government databases and used law enforcement ties to evade taxes and military service, following the sentencing of hacker Deniss Zolotarjovs. This highlights Russia's role as a cybercriminal "safe haven."

The U.S. Justice Department has revealed that the notorious Russian ransomware group Karakurt operated with direct access to Russian government databases and leveraged law enforcement connections to further its criminal enterprise. This revelation came during the sentencing of Latvian hacker Deniss Zolotarjovs, who received over eight years in prison for his involvement in the gang’s attacks, which included disrupting 911 emergency services and stealing sensitive health data.
Zolotarjovs, a key figure in applying "escalating pressure" on victims refusing to pay ransoms, was convicted for his role in the Karakurt operations. The gang, formed by individuals previously linked to the Akira and Conti ransomware groups—both of which were sanctioned by the U.S. Treasury for alleged ties to Russian intelligence—represents a stark example of the intertwined nature of cybercrime and state apparatus in Russia, according to U.S. prosecutors.
The explicit connection to Russian state resources outlined by the DOJ underscores a long-held accusation by security researchers: that the Russian government actively shields cybercriminals from Western justice. This alleged sanctuary has transformed Russia into a “safe haven” for hackers, as noted by U.S. officials, making ransomware a significant national security threat to the United States. The Russian Foreign Ministry has not responded to inquiries regarding these claims.
According to the Justice Department's press release, the Karakurt gang’s illicit activities extended beyond typical ransomware operations to "fueling corruption" within the Russian government itself. This corruption manifested in tangible benefits for the gang’s leadership, who allegedly used their government ties to evade state taxes and, through bribes to officials, secure exemptions from compulsory military service for their members. These details paint a picture of a criminal organization deeply embedded within and benefiting from state institutions.
Karakurt targeted more than 54 companies, extracting at least $15 million in ransom payments from its victims. Among its particularly egregious attacks were those against U.S. government entities, which caused significant disruption, including to critical 911 emergency dispatch systems. The gang also illicitly obtained children's health information, highlighting the wide-ranging and damaging scope of their cyber-operations. While Karakurt itself no longer appears to be an active entity, ransomware operations frequently rebrand or change ownership to circumvent international sanctions and law enforcement efforts.
The sentencing of Zolotarjovs marks a significant win for international law enforcement. He was apprehended in Georgia in 2023 and subsequently extradited to the United States in August 2024, where he later pleaded guilty to the charges. His conviction, coupled with the DOJ's detailed allegations, casts a critical light on the operational environment for cybercriminals within Russia and the challenges faced by global efforts to combat ransomware. The case serves as a potent reminder of the complex interplay between national interests, geopolitical tensions, and the escalating threat of state-backed or state-enabled cybercrime.
FAQ
Q: What is the significance of the DOJ's announcement regarding Karakurt?
A: The U.S. Justice Department's statement is significant because it explicitly details how the Karakurt ransomware gang not only operated from Russia but also leveraged direct access to Russian government databases and connections with law enforcement officials. This indicates a deeper level of state enablement and corruption than previously confirmed for many such groups.
Q: Who is Deniss Zolotarjovs and what was his role in the Karakurt gang?
A: Deniss Zolotarjovs is a Latvian hacker who was sentenced to over eight years in prison for his involvement with the Karakurt ransomware gang. His specific role included "escalating pressure" on victims who resisted the gang's ransom demands, a critical component of their extortion tactics.
Q: How did the Karakurt gang benefit from its alleged ties to Russian officials?
A: The gang leaders allegedly benefited significantly from their ties to Russian officials, using them to "fuel corruption." This allowed them to avoid paying state taxes and to secure exemptions from Russia's compulsory military service for their members through bribery, in addition to using government databases for their criminal activities.
Related articles
Pentagon Halts 155 Wind Projects in 24 States Over Drone Fears
The Pentagon has frozen permitting for 155 wind projects across 24 states for nearly a year, citing concerns that drones can hide within wind farms. This impacts 44 gigawatts of capacity and has cost developers $2 billion. The wind industry claims the freeze is politically motivated and has filed a lawsuit.
in-depth: Chewy Promo Codes: $20 Off July 2026: coupons — Key Details
Pet owners can find substantial savings at Chewy in July 2026. New customers get $20 off first orders (code WELCOME) and free shipping. Existing users benefit from exclusive deals, Autoship discounts, and a Chewy+ membership for ongoing perks and rewards.
Kalshi says it caught Trump’s teleprompter operator insider trading
Prediction market platform Kalshi has accused Donald Trump's teleprompter operator, Gabriel Perez, of insider trading, alleging he used advance knowledge of Trump's speeches to win over $100,000. Kalshi flagged the activity and referred it to the CFTC. While federal prosecutors declined a criminal case, a settlement is being discussed.
AI-powered travel agency Fora hits unicorn status, raises $60M
Fora, the innovative AI-powered travel agency, has officially joined the ranks of billion-dollar companies, announcing a $60 million Series D funding round that solidifies its unicorn status. The capital injection, led
in-depth: 11 Best Sleeping Bags (2026): Ultralight, Warm Weather, for
A comprehensive guide to the best sleeping bags for 2026 has been released, featuring expert-tested options for every outdoor adventure. From ultralight designs to comfy car camping bags and kid-specific models, this updated selection helps adventurers find their perfect sleep system for warmth and comfort.
Applied Computing wants to give oil and gas operators an AI model for
Applied Computing, a London-based startup, has secured $20 million in Series A funding to advance its foundation AI model, Orbital, for the oil, gas, and petrochemical industry. Orbital aims to integrate disparate data sources—sensor readings, engineering data, and physics models—to provide real-time operational insights, drastically reducing investigation times and enhancing efficiency. The company plans to use the capital for international expansion, hiring, and new client deployments, building on its rapid growth and strategic partnerships with industry giants like KBR.






