An Iranian national pleaded guilty recently. His name is Sina Gholinejad. He participated in the Robbinhood ransomware operation. This scheme spanned approximately five years. It began around January 2019. It continued through March 2024. The group breached networks of U.S. entities. They stole significant data and encrypted devices. Attackers then attempted to extort millions of dollars. Bitcoin ransoms were demanded from their victims. This caused tens of millions in financial losses. It also led to major disruptions of public services.
Gholinejad and his co-conspirators targeted various organizations. These included local U.S. governments. Healthcare providers and nonprofit organizations were also victims. They often gained network access using administrator accounts. Known software vulnerabilities were also exploited by them. The Robbinhood ransomware was typically deployed manually. Ransom notes on devices directed victims to Tor sites. The gang gained significant notoriety in May 2019. This followed the severe disruption of Baltimore’s IT systems. They also stole data in later campaigns. This provided additional leverage against their victims. A vulnerable Gigabyte driver was used. It disabled antivirus software effectively.
The attackers employed several sophisticated evasion tactics.
They used virtual private servers located in Europe. VPNs and cryptocurrency mixers helped hide their tracks. They laundered ransom payments through these complex methods. U.S. Justice Department officials strongly condemned these actions. They emphasized the severe impact on American communities. The disruption to essential public services was particularly highlighted. Law enforcement agencies stated their firm commitment. They vowed to prosecute such cybercriminals vigorously.
Their global location will not prevent justice. International cooperation was vital for the investigation.
Sina Gholinejad entered his guilty plea in federal court. This took place in North Carolina very recently. He pleaded guilty to computer fraud and abuse. He also pleaded to conspiracy to commit wire fraud. Gholinejad now faces a substantial maximum penalty. This could be up to 30 years in federal prison. His sentencing hearing is scheduled for August. A federal judge will determine the final sentence then. The FBI’s Charlotte Field Office led the investigation. The FBI Baltimore Field Office provided significant help. Bulgarian authorities also assisted with evidence collection.
Reference:
