25% off all training courses Offer ends June 26, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends June 26, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Karakurt Ransomware Group Member Charged in Ohio

Posted By on Aug 23, 2024

An alleged member of the Karakurt threat group has been charged in U.S. District Court in Cincinnati with conspiracy to commit money laundering, wire fraud, and Hobbs Act extortion.

Karakurt is a Russian cybercrime group thought to be a splinter group of the now-defunct Conti ransomware group. Karakurt specializes in data extortion rather than ransomware attacks, and gains access to corporate networks, steals sensitive data, and threatens to sell the stolen data if the ransom is not paid. The group maintains an auction site and if a sale cannot be arranged, the stolen data is added to the group’s data leak site where it can be downloaded for free. The group’s ransom demands have ranged from $25,000 to $13,000,000, with victims typically given a week from notification to pay the ransom.

Karakurt has conducted attacks on a wide range of industry sectors, including several U.S. healthcare organizations. The group has claimed responsibility for attacks on CentroMed, Methodist McKinney Hospital, McAlester Regional Health Center, The Chattanooga Heart Institute, and most recently, Ann & Robert H. Lurie Children’s Hospital of Chicago.

Latvian national Deniss Zolotarjovs, 33, of Moscow, Russia, is a suspected member of the Karakurt group who is alleged to be the group’s negotiator of cold case extortion, where victims have failed to respond to the group’s demands. Tactics used in these cases include contacting employees, business partners, clients, and patients via email and phone calls to increase pressure on the victims to pay the ransom demand. Zolotarjovs is also alleged to have engaged with other members of the Karakurt group and helped with the laundering of ransom payments. Zolotarjovs is alleged to have been an active member of the group from August 2021 until his arrest in December 2023.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Zolotarjovs, aka Sforza_cesarini, was arrested by law enforcement in Georgia in Eastern Europe in December 2023, where he has been incarcerated until his extradition to the United States earlier this month. He is the first alleged member of the Karakurt group to be arrested and charged in the United States.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist