As per recent reports, a Moscow hacker has been charged in the US on various accounts of cybercrime. Charges leveled against the hacker include allegedly stealing data, extorting victims, and laundering ransom payments since 2021. In this article, learn more about the threat actor his activities, and cover details about the charges.

Deniss Zolotarjovs: The Moscow Hacker

Media reports have mentioned that the threat actor, Deniss Zolotarjovs, is around 33 years of age and also goes by the name Sforza_cesarini. The Moscow hacker is currently charged with conspiring to commit money laundering, wire fraud and Hobbs Act extortion.

Zolotarjovs was arrested in Georgia in December 2023 and has been extradited to the US ever since. Providing details on the Moscow hacker and the organization he’s a part of, the U.S. Department of Justice (DoJ), in a press release, stated that:

“Zolotarjovs is a member of a known cybercriminal organization that attacks computer systems of victims around the world. Among other things, the Russian cybercrime group steals victim data and threatens to release it unless the victim pays ransom in cryptocurrency. The group maintains a leaks and auction website that lists victim companies and offers stolen data for download.”

Karakut Ransomware Group

The Moscow Hacker is an active part of the Karakut ransomware group, engaged with other members of the group, and has laundered money from victims. His ties to the cybercrime syndicate prevailed in a complaint filed in the US district court on November 28th, 2023.

The Federal Bureau of Investigation (FBI) investigation revealed that it was able to link the Moscow hacker to the cybercrime group by tracing bitcoin transfers in September 2021. Providing additional details, the FBI stated that:

“Further analysis of Sforza’s communications [on Rocket.Chat] indicated Sforza appeared to be responsible for conducting negotiations on Karakurt victim cold case extortions, as well as open-source research to identify phone numbers, emails, or other accounts at which victims could be contacted and pressured to either pay a ransom or re-enter a chat with the ransomware group. Sforza also discussed efforts to recruit paid journalists to publish news articles about victims in order to convince the victims to take Karakurt’s extortion demands seriously.” 

In addition, it was also revealed that some of the illegal proceeds were laundered through several addresses prior to being deposited in a Bitcoin24.pro account. The account had the same email address, which led to the issuance of an arrest warrant to Apple in September 2023.

It’s worth mentioning here that the warrant was issued to obtain records associated with the email address. Although the Moscow hacker is the first member believed to be involved with the cybercrime group, the arrest and extradition can pave the way for the prosecution of other hackers belonging to the syndicate.

Conclusion

Deniss Zolotarjovs’ arrest marks a significant breakthrough in the fight against international cybercrime. As the first member of the Karakurt group to be extradited to the U.S., his case could unravel further leads, bringing more cybercriminals to justice and highlighting the ongoing global efforts to combat ransomware attacks. In light of such attacks, the use of proactive online security measures to mitigate risk is now necessary.

The sources for this piece include articles in The Hacker News and The Cyber Express.

The post Moscow Hacker Extradited To US For Cybercrime Involvement appeared first on TuxCare.

*** This is a Security Bloggers Network syndicated blog from TuxCare authored by Wajahat Raja. Read the original post at: https://tuxcare.com/blog/moscow-hacker-extradited-to-us-for-cybercrime-involvement/