Karakurt Overview

Karakurt ransomware group, also known as the Karakurt Team and Karakurt Lair, is a relatively new
cybercrime group, with researchers reporting its first emergence in late 2021. Karakurt actors claim to
steal data and then threaten to auction it off or release it to the public unless they receive payment of the
demanded ransom, which have been known to range from $25,000 to $13,000,000 in Bitcoin, with
payment deadlines typically set to expire within a week of first contact with the victim. The group likely has
ties to the Conti ransomware group, either as a business relationship or as a side business with Conti.
Karakurt is also known for extensive harassment campaigns against victims to shame them. HC3
recommends the Healthcare and Public Health Sector (HPH) be aware of their operations and apply
appropriate cybersecurity principles and practices found in this document in defending their infrastructure
and data against compromise.

Source