DOJ says ransomware gang tapped into Russian government databases


A U.S. court has sentenced Latvian hacker Deniss Zolotarjovs to more than eight years in prison following his conviction for carrying out ransomware attacks. The Justice Department accused the hacker of working for a notorious Russian ransomware gang called Karakurt, which was led by former leaders of the Akira and Conti ransomware gangs, who were sanctioned by the U.S. Treasury for their alleged links to Russian intelligence.

Prosecutors said members of Karakurt targeted U.S. government entities with attacks that disrupted 911 emergency dispatch systems, and also stole children’s health information. Zolotarjovs was responsible for “escalating pressure” on victims who resisted the gang’s ransom demands, the DOJ said.

While Zolotarjovs’ conviction is notable in itself, U.S. prosecutors said in their press release that the ransomware gang relied on access to Russian government databases and law enforcement connections to intimidate its victims, further underscoring the links between the activities of cybercriminals and the Russian state.

Security researchers have long accused the Russian government of shielding ransomware gangs and malicious hackers from Western law enforcement, including by refusing to extradite its citizens accused of damaging hacks. U.S. officials in recent years have said Russia has become a “safe haven” for cybercriminals, citing the threat from ransomware as one of the top national security challenges facing the United States.

According to the DOJ, the Karakurt ransomware gang “fueled corruption” in the Russian government; these ties to officials allowed the gang’s leaders to avoid paying taxes to the state, and the gang regularly paid bribes to officials who exempted members from compulsory Russian military service. The Russian Foreign Ministry did not respond to TechCrunch’s request for comment.

Per the DOJ, the Karakurt gang targeted more than 54 companies, with at least $15 million in ransoms paid by the victims. Karakurt does not appear to be an active ransomware gang; some operations change owners and names, sometimes to evade sanctions. Zolotarjovs was arrested in the country of Georgia in 2023 and extradited to the United States in August 2024. He later pleaded guilty.