A federal judge in the Southern District of Ohio sentenced Deniss Zolotarjovs, a 35-year-old Latvian national and Moscow resident, to 102 months in prison Monday for wire fraud and money laundering tied to ransomware attacks on more than 54 companies.
Zolotarjovs worked for an organization run by former Conti ransomware leaders, operating under a rotating roster of names: Conti, Karakurt, Royal, TommyLeaks, SchoolBoys Ransomware, and Akira. His job was pressure. He analyzed stolen data, identified pressure points, and didn’t stop at threats: in one case, he urged co-conspirators to leak children’s health records from a pediatric healthcare company, ultimately sending sensitive data to hundreds of patients.
The crew confirmed nearly $16 million in ransom payments. Officials estimate hundreds of millions in total losses, not counting the psychological and financial exposure facing tens of thousands of people whose personal data was stolen.
U.S. Attorney Dominick S. Gerace II called the prosecution proof of law enforcement’s global reach: Zolotarjovs was arrested in the country of Georgia in December 2023, extradited to the United States in August 2024, and pleaded guilty in July 2025. The group also hit a government entity whose 911 system was forced offline.
Former Russian law enforcement officers inside the crew used their connections to access Russian government databases, both to harass detractors and recruit new members. Conti didn’t survive 2022: a massive chat leak exposed its operations, and members splintered into Zeon, Black Basta, and Quantum — which rebranded to Royal, then BlackSuit by 2024.
The State Department’s $10 million reward for Conti’s leaders is still outstanding.
James Okafor