Iranian Hacker Admits Role in Robbinhood Ransomware Attacks
A 37-year-old Iranian national, Sina Gholinejad, has pleaded guilty in a North Carolina federal court to his involvement in a series of ransomware attacks that targeted U.S. municipalities and organisations, causing extensive financial and operational damage.
Gholinejad admitted to one count of computer fraud and abuse and one count of conspiracy to commit wire fraud. He now faces a maximum sentence of 30 years in prison, with sentencing scheduled for August 2025. The plea was accepted by U.S. District Judge Richard E. Myers II in Wilmington.
Between January 2019 and March 2024, Gholinejad and unnamed co-conspirators deployed the RobbinHood ransomware variant to infiltrate and encrypt data on the networks of various U.S. city governments, healthcare organisations, and private entities. The attackers demanded ransom payments in Bitcoin in exchange for decryption keys. Among the most severely affected was Baltimore, Maryland, which incurred over $19 million in damages and experienced prolonged disruptions to essential services, including property tax processing and water billing systems.
ADVERTISEMENT
Other targeted locations included Greenville, North Carolina; Gresham, Oregon; and Yonkers, New York. The conspirators also targeted entities such as the Glenn-Colusa Irrigation District in California and the Berkshire Farm Center in New York. The attackers often used the damage inflicted on earlier victims to coerce subsequent targets into paying ransoms.
Gholinejad and his associates employed various tactics to conceal their identities and activities, including the use of virtual private networks and virtual private servers . They also engaged in 'chain-hopping,' a method of laundering cryptocurrency by moving funds through multiple digital currencies to obscure the origin of the payments.
The investigation was led by the FBI's Charlotte and Baltimore field offices, with assistance from the Department of Justice's Criminal Division and National Security Division. Matthew R. Galeotti, head of the Justice Department's Criminal Division, stated that the attacks caused 'tens of millions of dollars in losses and disrupted essential public services.'
Gholinejad was arrested in January 2025 at Raleigh-Durham International Airport. The indictment, initially sealed, was made public following his guilty plea. While the Department of Justice has not alleged direct state sponsorship in this case, U.S. officials have previously linked some Iranian cyber groups to government-backed entities. Iran has denied involvement in state-sponsored cyberattacks targeting U.S. infrastructure.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Sharjah 24
3 days ago
- Sharjah 24
Russia and Ukraine exchange drone attacks ahead of Istanbul talks
Russia's defence ministry reported that its air defence forces had 'intercepted and destroyed' 162 Ukrainian drones, most of them over border regions. It said 57 were brought down over the Kursk region and 31 over Belgorod. The aerial exchanges came ahead of the second direct meeting between Ukrainian and Russian negotiators since Moscow launched its full-scale invasion in February 2022. The talks are expected to focus on military de-escalation and humanitarian issues. Meanwhile, Ukraine claimed it had carried out one of its most daring operations inside Russian territory, targeting airbases and damaging several strategic bombers stationed deep behind enemy lines. Ukraine also accused Russia of launching 80 drones—mostly Iranian-designed Shahed models—along with four missiles in an overnight assault that struck 12 locations across the country. Images from the eastern city of Kharkiv showed damage to residential buildings. In the southern Kherson region, officials reported that a 40-year-old man was killed by Russian artillery fire in frontline territory.
Dubai Eye
3 days ago
- Dubai Eye
Indian billionaire Adani under new scrutiny from US prosecutors
U.S. prosecutors are investigating whether Indian billionaire Gautam Adani's companies imported Iranian liquefied petroleum gas into India through their Mundra port, the Wall Street Journal reported on Monday. A WSJ investigation found tankers traveling between Mundra in the western Indian state of Gujarat and the Persian Gulf exhibited traits experts say are common for ships evading sanctions, the report said. The U.S. Justice Department is reviewing activities of several LPG tankers used to ship cargoes to Adani Enterprises, the WSJ said, citing people familiar with the matter. Reuters could not immediately confirm the report. "Adani categorically denies any deliberate engagement in sanctions evasion or trade involving Iranian-origin LPG," a company spokesman told the WSJ in a statement. "Further, we are not aware of any investigation by U.S. authorities on this subject." Adani, the U.S. Department of Justice and the U.S. Attorney's Office in Brooklyn did not immediately respond to Reuters request for comment. U.S. President Donald Trump said in May that all purchases of Iranian oil or petrochemical products must stop and any country or person buying any from the country would be immediately subject to secondary sanctions. Any inquiry into Adani would come months after U.S. authorities indicted Adani and his nephew, Sagar Adani, alleging they paid bribes to secure power supply contracts, and misled U.S. investors during fund-raising in the United States. Adani Group has called the accusations "baseless" and vowed to seek "all possible legal recourse".
Arabian Post
3 days ago
- Arabian Post
Adani Faces U.S. Inquiry Over Alleged Iran LPG Imports
U.S. prosecutors are investigating whether companies linked to Gautam Adani imported Iranian liquefied petroleum gas into India, potentially violating American sanctions. The probe focuses on shipments received at the Adani-controlled Mundra port in Gujarat, with tankers suspected of using deceptive practices to obscure their origin. This development follows a prior indictment against Adani and associates for alleged bribery and securities fraud. The U.S. Department of Justice, through its Eastern District of New York office, is examining maritime activities involving tankers that may have transported Iranian-origin LPG to Adani Enterprises. Investigators are scrutinizing whether these vessels employed tactics such as falsified automatic identification system data and forged documentation to mask the true source of the shipments. A Wall Street Journal investigation suggests that LPG shipments imported by Adani from Oman may have actually originated from Iran, using complex third-party logistics to mask the true source. A spokesperson for the Adani Group has denied any deliberate involvement in sanctions evasion or trade with Iranian-origin LPG, stating the company is unaware of any U.S. investigation. The group maintains that it conducts thorough due diligence on all imports and complies with applicable laws. ADVERTISEMENT This inquiry adds to the legal challenges facing Adani. In November 2024, U.S. authorities indicted Gautam Adani and his nephew, Sagar Adani, alleging they paid over $250 million in bribes to Indian government officials to secure power supply contracts and misled U.S. investors during fundraising activities. The indictment also accuses other individuals, including former employees of a Canadian institutional investor, of obstructing investigations by deleting evidence and providing false information to authorities. The Adani Group has dismissed those accusations as 'baseless' and committed to pursuing all legal remedies. The Adani Group, integral to India's economy with a valuation of around $150 billion, has faced multiple allegations, including a 2023 report from Hindenburg Research accusing it of securities violations. Despite seeking legal avenues to dismiss the charges and leveraging political support from Republican legislators amid Trump's relaxed foreign bribery enforcement, the ongoing sanctions-related probe poses a significant risk to Adani's efforts to clear his and his conglomerate's name. The investigation into potential sanctions violations underscores the complexities of international trade compliance, especially for conglomerates operating across multiple jurisdictions. As the U.S. continues to enforce sanctions on Iran, companies engaged in global trade must navigate a landscape fraught with legal and regulatory challenges.
