Might 28, 2025Ravie LakshmananRansomware / Knowledge Breach
An Iranian nationwide has pleaded responsible within the U.S. over his involvement in a world ransomware and extortion scheme involving the Robbinhood ransomware.
Sina Gholinejad (aka Sina Ghaaf), 37, and his co-conspirators are stated to have breached the pc networks of assorted organizations in america and encrypted recordsdata with Robbinhood ransomware to demand Bitcoin ransom funds.
Gholinejad, who was arrested in North Carolina in early January, pleaded responsible to at least one rely of laptop fraud and abuse and one rely of conspiracy to commit wire fraud. He faces a most penalty of 30 years in jail. He’s scheduled for sentencing in August 2025.
“These cyber assaults precipitated important disruptions and tens of thousands and thousands in losses, together with to the Metropolis of Greenville, North Carolina, and the Metropolis of Baltimore, Maryland,” the U.S. Division of Justice (DoJ) stated.
“Baltimore misplaced greater than $19 million from the harm precipitated to their laptop networks and the ensuing disruption to a number of important metropolis companies, together with on-line companies for processing property taxes, water payments, parking citations, and different revenue-generating features, which lasted many months.”
In response to courtroom paperwork, Gholinejad and others infiltrated and maintained unauthorized entry to sufferer laptop networks between January 2019 and March 2024, after which delicate info was copied to digital personal servers beneath their management and deployed the ransomware pressure.
The ill-gotten proceeds have been laundered by means of cryptocurrency mixing companies and by transferring property between several types of cryptocurrencies, a way referred to as chain-hopping. The menace actors additionally hid their identities and actions through the use of digital personal networks and servers.
Robbinhood was one of many cybercrime actors to latch onto carry your personal susceptible driver (BYOVD) assaults, using a respectable however susceptible Gigabyte driver (gdrv.sys) to escalate privileges and disarm safety software program.
“Cybercrime is just not a victimless offense – it’s a direct assault on our communities, as seen on this case. Gholinejad and his co-conspirators orchestrated a ransomware scheme that disrupted lives, companies, and native governments, and resulted in losses of tens of thousands and thousands of {dollars} from unsuspecting victims and establishments,” stated performing U. S. Lawyer Daniel P. Bubar for the Jap District of North Carolina.
Discovered this text fascinating? Comply with us on Twitter and LinkedIn to learn extra unique content material we put up.
