WBFF — An Iranian national pled guilty to charges of participating in an international ransomware and extortion scheme in Robbinhood ransomware, the FBI announced Tuesday.
Sina Gholinejad, 37, pleaded guilty to one count of computer fraud and abuse and one count of conspiracy to commit wire fraud. He faces a maximum penalty of 30 years in prison.
According to court documents and statements made in court, beginning in 2019, Gholinejad and his co-conspirators compromised the computer networks of cities, corporations, health care organizations, and other entities across the United States.
They also encrypted files on these networks with the Robbinhood ransomware variant to extort ransom payments.
Officials say that the cyber attacks caused significant disruptions and millions in losses, including to the cities of Greenville, North Carolina, and Baltimore, Maryland. Gresham, Oregon, and Yonkers, New York, were also victims of the attack.
Authorities say that the city of Baltimore lost more than $19 million from the damage caused to its computer networks and the disruption it caused to several city services, including online services for processing property taxes, water bills, parking citations, and other revenue-generating functions. This outage lasted for several months.
Officials say that the hackers used the damage they caused these cities to threaten other victims, and extorted Bitcoin in exchange for the private key required to decrypt the victim’s computer files.
Gholinejad and his co-conspirators attempted to launder ransom payments through cryptocurrency mixing services and by moving assets between different types of cryptocurrencies, a practice officials say is known as “chain-hopping.” The FBI says that the criminals hid their identities and illegal activities through a number of technical methods, including the use of virtual private networks and servers.
The FBI Field Office in Charlotte investigated the case, but said they received “substantial assistance” from the FBI Field Office in Baltimore.
“Gholinejad and his co-conspirators — all of whom were overseas — caused tens of millions of dollars in losses and disrupted essential public services by deploying the Robbinhood ransomware against U. S. cities, health care organizations, and businesses,” said Matthew R. Galeotti, Head of the Justice Department’s Criminal Division, via a press release. “The ransomware attack against the City of Baltimore forced the city to take hundreds of computers offline and prevented the city from performing basic functions for months. Gholinejad’s conviction reflects the Criminal Division’s commitment to bringing cybercriminals who target our cities, healthcare system, and businesses to justice no matter where they are located. There will be no impunity for these destructive attacks.”
“Cybercrime is not a victimless offense — it is a direct attack on our communities, as seen in this case. Gholinejad and his co-conspirators orchestrated a ransomware scheme that disrupted lives, businesses, and local governments, and resulted in losses of tens of millions of dollars from unsuspecting victims and institutions,” said acting U. S. Attorney Daniel P. Bubar for the Eastern District of North Carolina, via a press release. “The announcement today marks a significant step towards justice for the countless victims impacted by the defendant’s malicious scheme. Cases like these act as a reminder that cybercriminals who seek to exploit our digital infrastructure for personal gain will be identified, prosecuted, and held accountable.”
“These ransomware actors leveraged sophisticated tools and tradecraft to harm innocent victims in the United States, all while believing they could conduct their illegal activities safely from overseas,” said Acting Special Agent in Charge James C. Barnacle Jr. of the FBI’s Charlotte Field Office, via a press release. “This case demonstrates the capability and resolve of the FBI and our partners to find and impose consequences on cybercriminals no matter where they attempt to hide.”
Gholinejad will be sentenced in August.
