Iranian Man Faces Decades in Prison after Ransomware Attacks on US Municipalities

An Iranian national pleaded guilty this week to participating in an international extortion scheme involving the Robbinhood ransomware.

37-year-old Sina Gholinejad, also known as Sina Ghaaf, allegedly worked as part of the Robinhood ransomware operation, compromising the computer networks of cities, corporations, health care organizations, and other entities around the United States

Together with several unnamed co-conspirators, Ghaaf encrypted files on the victim networks with and extorted ransom payments.

Damages in the tens of millions

“Beginning in January 2019, Gholinejad and others gained and maintained unauthorized access to victim computer networks and then copied information from the infected victim networks to virtual private servers controlled by the conspirators,” the US Department of Justice said in a press release.

 “The conspirators also deployed Robbinhood ransomware to encrypt the victims’ files and extort Bitcoin from victims in exchange for the private key required to decrypt the victims’ computer files.”

The Justice Department mentions some of the incidents that made the news, including the widely reported attack on the City of Baltimore, Maryland, which prompted the municipality to spend $19 million to recover after refusing to pay a comparatively meager ransom of $80,000.

Read: Baltimore Allocates $10 Million to Emergency Funding in Wake of Ransomware Attack

Read: Baltimore Struggles to Rebuild Systems after Refusing to Pay Bitcoin Ransom

Read: Hackers Hit Baltimore Yet Again - Ransomware Temporarily Freezes Systems at Major Medical Center

The indictment says Ghaaf and his crew caused severe disruption to essential city services, including online services for processing property taxes, water bills, parking citations, and other revenue-generating functions, which lasted many months.

The indictment identifies multiple additional victims of Robbinhood ransomware, including the City of Greenville, North Carolina, the City of Gresham, Oregon, and the City of Yonkers, New York.

The attacks caused tens of millions in losses, according to the DOJ.

The hackers allegedly capitalized on their growing notoriety after the attacks to intimidate subsequent victims.

Up to 30 years behind bars

Ghaaf pleaded guilty to one count of computer fraud and abuse and one count of conspiracy to commit wire fraud.

According to the DOJ, he faces a maximum penalty of 30 years in prison. He is scheduled to be sentenced in August.

A federal district court judge will determine the final sentence after considering the US Sentencing Guidelines and other statutory factors.

Not everyone is a target for hackers – less so for organized cybercrime – but it’s always a good idea to protect your devices with a security solution capable of sniffing out inbound malware.

You may also want to read:

16 Charged in Connection with DanaBot Malware Allegedly Commanded from Russia

Seventh LockBit Ransomware Mastermind Extradited to Face Charges

£3 Million Fine for a Victim of LockBit Ransomware

Nova Scotia Citizens Told to Watch Out for Scams Following Ransomware Attack on Energy Supplier