Latvian Cybercriminal Sentenced to Over Eight Years for Role in Russian Ransomware Syndicate
In a significant development in the fight against cybercrime, 35-year-old Latvian national Deniss Zolotarjovs has been sentenced to 102 months in federal prison for his pivotal role in a Russian ransomware syndicate. Operating out of Moscow, Zolotarjovs served as a primary extortionist and negotiator for a highly organized cybercriminal network that targeted over 54 companies worldwide.
The United States Department of Justice announced the sentencing, emphasizing the extensive international collaboration required to dismantle parts of the ransomware ecosystem. Zolotarjovs was a key player in an operation led by former members of the notorious Conti ransomware group. Between June 2021 and August 2023, the syndicate operated under several prominent ransomware brands, including Conti, Karakurt, Royal, TommyLeaks, SchoolBoys Ransomware, and Akira.
The group maintained a sophisticated, hierarchical management structure based in an office building in St. Petersburg, Russia. To obfuscate their illicit operations, the syndicate utilized a complex network of front companies registered across Russia, Europe, and the United States.
As a negotiator, Zolotarjovs specifically escalated pressure on victims who refused to pay initial ransom demands. He conducted in-depth research on compromised organizations and meticulously analyzed stolen data to maximize his leverage.
His extortion tactics were notably aggressive. During an attack on a pediatric healthcare provider, Zolotarjovs deliberately weaponized the medical records of children. When the company refused to pay, he instructed his co-conspirators to leak the sensitive information to create panic. In a calculated move to sow fear among future victims, he distributed a massive data pack to hundreds of individual patients, exposing deeply personal healthcare details instead of sending tailored files to individual victims.
According to the U.S. Department of Justice, attacks on just 13 of 54 victims caused over $56 million in losses and $2.8 million in ransom payments. An additional 41 companies paid out roughly $13 million during the same period. Federal authorities estimate that total financial damages tied to his involvement likely exceed $100 million.
Beyond financial extortion, the group’s reckless operations placed lives at risk. The syndicate successfully forced a government entity’s 911 emergency system offline, exposing thousands of Social Security numbers, dates of birth, and home addresses.
The syndicate’s operations were deeply embedded in systemic corruption. The group utilized former Russian law enforcement officers to co-opt government databases and paid frequent bribes to exempt draft-age members from compulsory military service.
Despite these protections, international law enforcement successfully tracked Zolotarjovs. He was arrested in Georgia in December 2023 and extradited to U.S. custody in August 2024. After pleading guilty in July 2025 to conspiracy to commit money laundering and wire fraud, his sentencing marks a significant victory for global cybersecurity enforcement efforts led by the FBI.
