Latvian hacker who was part of Karakurt cybercrime group extradited to the US


A 33-year-old Latvian national who was part of the Karakurt cybercrime group and lives in Moscow, Russia, has been accused in the US since August 2021 of money laundering connected to ransom payments, victim extortion, and data theft.

Since August 2021, a 33-year-old Latvian national who was involved in the Karakurt cybercrime group and resides in Moscow, Russia, has been charged in the United States with data theft, victim extortion, and money laundering related to ransom payments. Deniss Zolotarjovs, also known as Sforza_cesarini, is accused of planning to conduct wire fraud, extortion under the Hobbs Act, and money laundering. He was detained in Georgia in December 2023, and as of this month, he has been extradited to the United States. The U.S. Department of Justice (DoJ) stated in a press release this week that Zolotarjovs is a member of a recognized cybercriminal organization that targets victims’ computer systems all over the world.

The Russian cybercrime outfit, among other things, extorts bitcoin ransom payments from victims in exchange for the release of their personal information. The gang runs a leak and auction website where victim companies are listed and stolen data can be downloaded. It is thought that Zolotarjovs participated actively in the e-crime group, interacting with other gang members and using the money he got from victims as ransom. Although the DoJ did not provide the name of the cybercrime syndicate, a lawsuit filed in U.S. District Court on November 28, 2023, connects the defendant to a data extortion crew known as Karakurt, which formed as a splinter gang following the 2022 Conti crackdown.

The FBI said, “More examination of Sforza’s communications [on Rocket.Chat] revealed that Sforza seemed to be in charge of negotiating settlements for cold case extortions involving Karakurt victims as well as open-source research to find phone numbers, emails, or other accounts at which victims could be contacted and pressured to either pay a ransom or re-enter a chat with the ransomware group.” “Sforza also discussed efforts to recruit paid journalists to publish news articles about victims in order to convince the victims to take Karakurt’s extortion demands seriously.” In its lawsuit, the FBI stated that it was able to trace Bitcoin transfers made in September 2021 from a cryptocurrency wallet that was linked to an account for Deniss Zolotarjovs (online alias “Sforza_cesarini”).

In September 2023, the law enforcement agency issued a search warrant to Apple in order to obtain the records associated with the email address; it further stated that part of the illicit proceeds was laundered through multiple addresses before arriving at a deposit address linked to Garantex, specifically a Bitcoin24.pro account bearing the same email address. According to the FBI’s analysis of data provided by the IT giant, the instant messaging account ID “Sforza_cesarini” on Rocket.Chat was “accessed by the same IP addresses at or about the same times, on multiple occasions, as those used to access dennis.zolotarjov@icloud[.]com.” As Zolotarjovs is the first suspected Karakurt group member to be detained and extradited to the United States, his case may open the door for the discovery and prosecution of more members in the future.

In an effort to coerce the victims into cooperating, Karakurt actors have harassed victims’ coworkers, business associates, and clients through threatening emails and phone calls, the U.S. authorities stated in an advisory last year. “The emails have contained examples of stolen data, such as social security numbers, payment accounts, private company emails, and sensitive business data belonging to employees or clients.”


CIO News is a property of Mercadeo Multiventures Pvt Ltd.