Conti, Akira Affiliate Sentenced to 102 Months in Prison for Ransomware and Extortion Operations Targeting over 50 Organizations
Published on May 6, 2026
Key Takeaways
- Prison sentencing: Deniss Zolotarjovs received a 102-month prison sentence for his operational role in sophisticated ransomware campaigns linked to Conti.
- Quantified damages: The threat actor group inflicted hundreds of millions of dollars in financial losses across more than 54 compromised organizations.
- International extradition: Zolotarjovs pleaded guilty to conspiracy charges involving money laundering and wire fraud following their apprehension in Georgia.
Deniss Zolotarjovs, a 35-year-old Latvian national residing in Moscow, Russia, has been sentenced to 8.5 years in prison. Authorities say the individual served as an operational member of a sophisticated ransomware enterprise managed by the former leadership of the Conti threat actor group.
International law enforcement agencies apprehended Zolotarjovs in Georgia in December 2023. Authorities subsequently extradited him to U.S. jurisdiction in August 2024. In July 2025, Zolotarjovs formally entered guilty pleas to conspiracy charges involving money laundering and wire fraud, resulting in his 102-month prison sentence.
Ransomware and Data Exfiltration
Between June 2021 and August 2023, the cybercriminal organization successfully compromised more than 54 enterprise targets, according to U.S. Department of Justice (DOJ) documents. The threat actors operated using multiple ransomware-as-a-service (RaaS) variants, including Conti, Akira, Karakurt, Royal, TommyLeaks, and SchoolBoys Ransomware.
During these network intrusions, the organization, whose members included multiple former Russian law enforcement officers, exfiltrated highly sensitive personally identifiable information (PII). The compromised datasets included Social Security numbers, residential addresses, birth dates, and protected health information (PHI).
“Deniss Zolotarjovs helped his ransomware gang profit from hacks of dozens of companies, and even on a government entity whose 911 system was forced offline,” said Assistant Attorney General A. Tysen Duva of the Justice Department’s Criminal Division. “He also used stolen children’s health information to increase his leverage to extort victim payments.”
Financial Impact on Victim Organizations
The monetary impact resulting from these network compromise incidents is substantial. Analysis of documented attacks against 13 organizations revealed aggregate losses exceeding $56 million, including approximately $2.8 million in direct ransom payment demands. Additionally, 41 victim organizations paid a collective $13 million in extortion payments to the threat actors.
Given the operational scale and geographic distribution of these campaigns, authorities assess that the organization's total global financial impact reaches hundreds of millions of dollars.
Last month, a Russian hacking campaign targeting Ukraine and NATO was attributed to APT28, and Sweden linked its thermal plant cyberattack to Russian threat actors. In March, Russian cybercriminals targeted the Signal and WhatsApp accounts of high-value Individuals in a large-scale phishing operation.
In October 2025, a Ukrainian national was extradited from Ireland to the U.S. to face charges for his alleged role in the Conti ransomware conspiracy.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular