Latest news with #Iranian-linked


The Herald Scotland
6 days ago
- The Herald Scotland
Iranian man pleads guilty to 2019 Baltimore ransomware attack
He faces a maximum penalty of 30 years in prison and is scheduled to be sentenced in August, the Justice Department announced. Gholinejad and unidentified co-conspirators were behind a string of ransomware attacks between January 2019 and March 2024, according to an April 2024 indictment unsealed on May 27. The Justice Department said Gholinejad and his co-conspirators encrypted files on the targeted networks with the Robbinhood ransomware variant to extort ransom payments. The conspirators compromised the computer networks of health care organizations, corporations, and other entities across the United States, according to the Justice Department. The cyberattacks also targeted several U.S. cities, including Baltimore in the high-profile 2019 ransomware attack, and caused "significant disruptions" to essential city services, federal authorities said. The Justice Department added that the conspirators "used the damage they caused these cities to threaten subsequent victims." Though court documents did not allege a state-backed connection in this case, federal authorities have warned in recent years of Iranian government hacking groups targeting U.S. critical infrastructure and private-sector entities. Federal agencies have also issued numerous advisories for cyberattacks by foreign groups, including the Islamic Revolutionary Guard Corps. In November 2023, an Iranian-linked cyber group, Cyber Av3ngers, hacked into the water authority infrastructure in Aliquippa, Pennsylvania. The group took partial control of a system that regulates water pressure, and one that includes technology manufactured in Israel. At the time, federal authorities said the group was looking to disrupt Israeli-made technology in the United States.
Conspirators used hacking tools to gain access to computer networks
Federal authorities said Gholinejad and his co-conspirators gained unauthorized access to computer networks with hacking tools. They copied, transmitted, and stored information and files from the infected victim networks to virtual private servers controlled by the conspirators, according to the indictment. The conspirators also deployed Robbinhood ransomware on targeted computers to encrypt files and make them inaccessible to the victims, the indictment states. They then extorted victims by requiring the payment of Bitcoin in exchange for the private key used to decrypt the victims' computer files. The Justice Department said the conspirators attempted to launder the ransom payments through cryptocurrency mixing services and by moving assets between different types of cryptocurrencies. According to the indictment, the conspirators concealed their identities and activities through various methods, such as the use of virtual private networks and servers that they controlled. The attack on Baltimore in 2019 cost the city more than $19 million from damage to computer networks and disruptions to city services that lasted many months, including the processing of property taxes, water bills, parking citations, and other revenue-generating functions, the Justice Department said. Additional victims include computer networks in the cities of Gresham, Oregon; Yonkers, New York; and Greenville, North Carolina, along with the Glenn-Colusa Irrigation District in California and the nonprofit Berkshire Farm Center and Services for Youth, based in New York, according to the indictment. "Gholinejad and his co-conspirators -- all of whom were overseas -- caused tens of millions of dollars in losses and disrupted essential public services by deploying the Robbinhood ransomware against U.S. cities, health care organizations, and businesses," Matthew R. Galeotti, head of the Justice Department's Criminal Division, said in a statement. "The ransomware attack against the City of Baltimore forced the city to take hundreds of computers offline and prevented the city from performing basic functions for months," Galeotti added. Contributing: Claire Thornton, USA TODAY; Reuters

USA Today
7 days ago
- USA Today
Iranian man pleads guilty to ransomware attacks that targeted Baltimore, other US cities
An Iranian national pleaded guilty for his role in an international ransomware scheme that targeted the computer networks of Baltimore and other U.S. cities, causing tens of millions of dollars in losses and disrupting services, federal authorities said. Sina Gholinejad, 37, pleaded guilty to one count of computer fraud and abuse and one count of conspiracy to commit wire fraud on May 27, the U.S. Department of Justice said in a news release. Gholinejad was arrested on January 10 at Raleigh-Durham International Airport in North Carolina, federal court records show. He faces a maximum penalty of 30 years in prison and is scheduled to be sentenced in August, the Justice Department announced. Gholinejad and unidentified co-conspirators were behind a string of ransomware attacks between January 2019 and March 2024, according to an April 2024 indictment unsealed on May 27. The Justice Department said Gholinejad and his co-conspirators encrypted files on the targeted networks with the Robbinhood ransomware variant to extort ransom payments. The conspirators compromised the computer networks of health care organizations, corporations, and other entities across the United States, according to the Justice Department. The cyberattacks also targeted several U.S. cities, including Baltimore in the high-profile 2019 ransomware attack, and caused "significant disruptions" to essential city services, federal authorities said. The Justice Department added that the conspirators "used the damage they caused these cities to threaten subsequent victims." Though court documents did not allege a state-backed connection in this case, federal authorities have warned in recent years of Iranian government hacking groups targeting U.S. critical infrastructure and private-sector entities. Federal agencies have also issued numerous advisories for cyberattacks by foreign groups, including the Islamic Revolutionary Guard Corps. In November 2023, an Iranian-linked cyber group, Cyber Av3ngers, hacked into the water authority infrastructure in Aliquippa, Pennsylvania. The group took partial control of a system that regulates water pressure, and one that includes technology manufactured in Israel. At the time, federal authorities said the group was looking to disrupt Israeli-made technology in the United States.
Conspirators used hacking tools to gain access to computer networks
Federal authorities said Gholinejad and his co-conspirators gained unauthorized access to computer networks with hacking tools. They copied, transmitted, and stored information and files from the infected victim networks to virtual private servers controlled by the conspirators, according to the indictment. The conspirators also deployed Robbinhood ransomware on targeted computers to encrypt files and make them inaccessible to the victims, the indictment states. They then extorted victims by requiring the payment of Bitcoin in exchange for the private key used to decrypt the victims' computer files. The Justice Department said the conspirators attempted to launder the ransom payments through cryptocurrency mixing services and by moving assets between different types of cryptocurrencies. According to the indictment, the conspirators concealed their identities and activities through various methods, such as the use of virtual private networks and servers that they controlled. The attack on Baltimore in 2019 cost the city more than $19 million from damage to computer networks and disruptions to city services that lasted many months, including the processing of property taxes, water bills, parking citations, and other revenue-generating functions, the Justice Department said. Additional victims include computer networks in the cities of Gresham, Oregon; Yonkers, New York; and Greenville, North Carolina, along with the Glenn-Colusa Irrigation District in California and the nonprofit Berkshire Farm Center and Services for Youth, based in New York, according to the indictment. "Gholinejad and his co-conspirators — all of whom were overseas — caused tens of millions of dollars in losses and disrupted essential public services by deploying the Robbinhood ransomware against U.S. cities, health care organizations, and businesses," Matthew R. Galeotti, head of the Justice Department's Criminal Division, said in a statement. "The ransomware attack against the City of Baltimore forced the city to take hundreds of computers offline and prevented the city from performing basic functions for months," Galeotti added. Contributing: Claire Thornton, USA TODAY; Reuters

Yahoo
27-05-2025
- Business
- Yahoo
Iranian man pleads guilty in US to 2019 Baltimore ransomware attack
By AJ Vicens (Reuters) - An Iranian national pleaded guilty to participating in the high-profile 2019 Baltimore, Maryland, ransomware attack, among others, and to causing tens of millions of dollars in losses and disrupted services, the Department of Justice said on Tuesday. Sina Gholinejad, 37, faces a maximum sentence of 30 years in prison after he pleaded guilty to one count of computer fraud and abuse and one count of conspiracy to commit wire fraud, according to the DOJ. The DOJ statement and publicly available court records did not allege a state-backed connection in this case, but U.S. authorities in recent years have warned of Iranian government hacking groups targeting U.S. critical infrastructure and private-sector entities. Iranian-linked hackers have also targeted U.S. critical infrastructure under the guise of ostensibly independent personas, such as the November 2023 defacement of water treatment equipment in Aliquippa, Pennsylvania, by a group called Cyber Av3ngers. The U.S. government later tied the group to the Iranian Islamic Revolutionary Guard Corps. Iran has denied targeting entities in the U.S. with cyberattacks. Gholinejad was arrested January 10, 2025, at the Raleigh-Durham International Airport, according to federal court records. The circumstances of his arrest were not immediately clear. The assistant federal public defender assigned to his case declined to comment. Gholinejad and unnamed co-conspirators were behind a string of ransomware attacks using the Robbinhood ransomware variant dating to January 2019 through March 2024, according to an April 2024 indictment unsealed on Tuesday. Additional victims include computer networks in the cities of Gresham, Oregon; Yonkers, New York; and Greenville, North Carolina, along with the Glenn-Colusa Irrigation District in California and the nonprofit Berkshire Farm Center and Services for Youth, based in New York.
The attack on Baltimore, beginning on May 7, 2019, cost the city more than $19 million from damage to computer networks and disruptions to city services including the processing of property taxes, water bills, parking citations and other revenue-generating functions lasting many months, the DOJ said in its statement.


The Star
27-05-2025
- The Star
Iranian man pleads guilty in US to 2019 Baltimore ransomware attack
(Reuters) - An Iranian national pleaded guilty to participating in the high-profile 2019 Baltimore, Maryland, ransomware attack, among others, and to causing tens of millions of dollars in losses and disrupted services, the Department of Justice said on Tuesday. Sina Gholinejad, 37, faces a maximum sentence of 30 years in prison after he pleaded guilty to one count of computer fraud and abuse and one count of conspiracy to commit wire fraud, according to the DOJ. The DOJ statement and publicly available court records did not allege a state-backed connection in this case, but U.S. authorities in recent years have warned of Iranian government hacking groups targeting U.S. critical infrastructure and private-sector entities. Iranian-linked hackers have also targeted U.S. critical infrastructure under the guise of ostensibly independent personas, such as the November 2023 defacement of water treatment equipment in Aliquippa, Pennsylvania, by a group called Cyber Av3ngers. The U.S. government later tied the group to the Iranian Islamic Revolutionary Guard Corps. Iran has denied targeting entities in the U.S. with cyberattacks. Gholinejad was arrested January 10, 2025, at the Raleigh-Durham International Airport, according to federal court records. The circumstances of his arrest were not immediately clear. The assistant federal public defender assigned to his case declined to comment. Gholinejad and unnamed co-conspirators were behind a string of ransomware attacks using the Robbinhood ransomware variant dating to January 2019 through March 2024, according to an April 2024 indictment unsealed on Tuesday. Additional victims include computer networks in the cities of Gresham, Oregon; Yonkers, New York; and Greenville, North Carolina, along with the Glenn-Colusa Irrigation District in California and the nonprofit Berkshire Farm Center and Services for Youth, based in New York.
The attack on Baltimore, beginning on May 7, 2019, cost the city more than $19 million from damage to computer networks and disruptions to city services including the processing of property taxes, water bills, parking citations and other revenue-generating functions lasting many months, the DOJ said in its statement. (Reporting by AJ Vicens in Detroit; Editing by Matthew Lewis)

Straits Times
27-05-2025
- Straits Times
Iranian man pleads guilty in US to 2019 Baltimore ransomware attack
An Iranian national pleaded guilty to participating in the high-profile 2019 Baltimore, Maryland, ransomware attack, among others, and to causing tens of millions of dollars in losses and disrupted services, the Department of Justice said on Tuesday. Sina Gholinejad, 37, faces a maximum sentence of 30 years in prison after he pleaded guilty to one count of computer fraud and abuse and one count of conspiracy to commit wire fraud, according to the DOJ. The DOJ statement and publicly available court records did not allege a state-backed connection in this case, but U.S. authorities in recent years have warned of Iranian government hacking groups targeting U.S. critical infrastructure and private-sector entities. Iranian-linked hackers have also targeted U.S. critical infrastructure under the guise of ostensibly independent personas, such as the November 2023 defacement of water treatment equipment in Aliquippa, Pennsylvania, by a group called Cyber Av3ngers. The U.S. government later tied the group to the Iranian Islamic Revolutionary Guard Corps. Iran has denied targeting entities in the U.S. with cyberattacks. Gholinejad was arrested January 10, 2025, at the Raleigh-Durham International Airport, according to federal court records. The circumstances of his arrest were not immediately clear. The assistant federal public defender assigned to his case declined to comment. Gholinejad and unnamed co-conspirators were behind a string of ransomware attacks using the Robbinhood ransomware variant dating to January 2019 through March 2024, according to an April 2024 indictment unsealed on Tuesday. Additional victims include computer networks in the cities of Gresham, Oregon; Yonkers, New York; and Greenville, North Carolina, along with the Glenn-Colusa Irrigation District in California and the nonprofit Berkshire Farm Center and Services for Youth, based in New York. 
The attack on Baltimore, beginning on May 7, 2019, cost the city more than $19 million from damage to computer networks and disruptions to city services including the processing of property taxes, water bills, parking citations and other revenue-generating functions lasting many months, the DOJ said in its statement. REUTERS