An Iranian national, Sina Gholinejad, has pleaded guilty to his involvement in an international ransomware and extortion scheme using the Robbinhood ransomware. The scheme targeted computer networks of various entities across the United States, including cities and healthcare organizations.
Court documents reveal that Gholinejad, 37, along with his co-conspirators, encrypted files on victim networks to demand ransom payments. These cyber-attacks led to significant disruptions and financial losses amounting to tens of millions of dollars. Notably affected were the City of Greenville, North Carolina, and the City of Baltimore, Maryland. Baltimore suffered over $19 million in damages and experienced prolonged disruption to essential city services.
Matthew R. Galeotti from the Justice Department’s Criminal Division stated: “Gholinejad and his co-conspirators — all of whom were overseas — caused tens of millions of dollars in losses and disrupted essential public services by deploying the Robbinhood ransomware against U.S. cities, health care organizations, and businesses.”
Acting U.S. Attorney Daniel P. Bubar commented on the impact: “Cybercrime is not a victimless offense—it is a direct attack on our communities… The announcement today marks a significant step towards justice for the countless victims impacted by the defendant’s malicious scheme.”
James C. Barnacle Jr., Acting Special Agent in Charge at the FBI, emphasized their commitment: “This case demonstrates the capability and resolve of the FBI and our partners to find and impose consequences on cybercriminals no matter where they attempt to hide.”
The criminal activities began in January 2019 when Gholinejad gained unauthorized access to victim networks, copied information onto virtual private servers controlled by conspirators, deployed ransomware for extortion purposes, and attempted laundering through cryptocurrency mixing services.
Gholinejad faces charges including one count of computer fraud and abuse and one count of conspiracy to commit wire fraud with a potential maximum sentence of 30 years in prison.
The case was announced by Daniel P. Bubar after Chief U.S. District Judge Richard E. Myers II accepted Gholinejad’s plea. The investigation is being conducted by the FBI with prosecution led by Assistant U.S. Attorney Brad DeVoe among others.
Further assistance came from various sections within the Justice Department as well as international cooperation for evidence collection.
Additional details regarding protection against ransomware can be accessed at StopRansomware.gov or through related court documents available via PACER under Case No. 4:24-CR-16.
