Sunday, August 3, 2025

Iranian pleads guilty to RobbinHood ransomware attacks, faces 30 years


An Iranian national has pleaded guilty to participating in the Robbinhood ransomware operation, which was used to breach the networks, steal data, and encrypt devices of U.S. cities and organizations in an attempt to extort millions of dollars over a five-year span.

According to the U.S. Department of Justice and an unsealed indictment, 39-year-old Sina Gholinejad, also known as "Sina Ghaaf," and his co-conspirators deployed the Robbinhood ransomware on breached networks from at least January 2019 through March 2024.

The attacks targeted local governments, healthcare providers, and nonprofit organizations, encrypting files and demanding Bitcoin ransoms in return for a decryptor and a promise not to leak stolen data.

Victims included the cities of Baltimore, Greenville (North Carolina), Gresham (Oregon), and Yonkers (New York), as well as organizations such as Meridian Medical Group and Berkshire Farm Center.

Gholinejad and his co-conspirators typically gained access to victim networks using administrator accounts or by exploiting vulnerabilities, deployed the ransomware manually, and demanded payment through sites on the Tor network.

However, it wasn't until May 2019 that the Robbinhood gang gained notoriety, after an attack disrupted Baltimore's IT systems for weeks.

In later campaigns the gang also stole data before encrypting, using the stolen files and the threat of leaking them as additional leverage against victims.

Robbinhood stood out at the time for abusing a legitimate but vulnerable Gigabyte driver (gdrv.sys) in a Bring Your Own Vulnerable Driver (BYOVD) attack: the signed driver is loaded on the victim, and its flaw is then used from kernel mode to terminate or disable antivirus and endpoint protection. With security software out of the way, the threat actors could launch the ransomware encryptor without interference. Because the abused driver is properly signed, signature checks alone do not stop it; defenders need to block known-vulnerable drivers by hash or name and watch for driver loads from unusual locations.
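The following detection sketch is an added example written for this article; it is not RobbinHood tooling, BleepingComputer code, or anything from the indictment. It scans Sysmon Event ID 6 (DriverLoad) records, flattened here to constructed key=value lines, and flags loads of a driver on a known-vulnerable list, drivers loaded from outside the normal driver directory, and unsigned driver loads shortly after a vulnerable one. The last rule reflects how BYOVD chains generally bootstrap a second, unsigned kernel component and is an assumption about the technique in general, not a detail the article states. Only gdrv.sys comes from the article; the other file names, paths and timestamps are invented for the sample.

```python
"""Flag Bring-Your-Own-Vulnerable-Driver (BYOVD) activity in driver-load telemetry.

Added example for this article, not RobbinHood tooling or BleepingComputer code.
Input is Sysmon Event ID 6 (DriverLoad) records flattened to key=value lines.
"""
import re
from datetime import datetime, timedelta

# Driver names known to be abused. gdrv.sys comes from the article; in practice
# seed this from the Microsoft recommended driver block rules or loldrivers.io.
VULNERABLE_DRIVERS = {"gdrv.sys"}

# Directory where legitimately installed drivers normally live.
NORMAL_DRIVER_DIR = "c:\\windows\\system32\\drivers\\"

# How long after a vulnerable-driver load an unsigned load is treated as linked
# (assumed window for this example; tune to your environment).
CORRELATION_WINDOW = timedelta(minutes=5)

# Constructed sample telemetry. Timestamps, paths and the names "tool.sys" and
# "late.sys" are invented for this example and come from no real incident.
SAMPLE_EVENTS = [
    "UtcTime=2019-05-07 03:12:41.100 ImageLoaded=C:\\Windows\\System32\\drivers\\tcpip.sys Signed=true Signature=Microsoft Windows",
    "UtcTime=2019-05-07 03:14:02.250 ImageLoaded=C:\\Windows\\Temp\\gdrv.sys Signed=true Signature=Giga-Byte Technology Co., Ltd.",
    "UtcTime=2019-05-07 03:14:05.900 ImageLoaded=C:\\Windows\\Temp\\tool.sys Signed=false Signature=",
    "UtcTime=2019-05-07 09:40:17.000 ImageLoaded=C:\\Users\\Public\\late.sys Signed=false Signature=",
]

# key=value pairs; a value runs until the next " key=" or end of line, so
# values with spaces (vendor names, timestamps) survive.
KV_RE = re.compile(r"(\w+)=(.*?)(?= \w+=|$)")


def parse_event(line: str) -> dict:
    """Turn one flattened DriverLoad record into a dict of its fields."""
    return dict(KV_RE.findall(line))


def analyze_driver_loads(lines) -> list:
    """Return one finding dict per suspicious driver load, in event order."""
    findings = []
    last_vuln = None  # (timestamp, name) of the most recent blocklisted load
    for line in lines:
        ev = parse_event(line)
        ts = datetime.strptime(ev["UtcTime"], "%Y-%m-%d %H:%M:%S.%f")
        path = ev["ImageLoaded"]
        name = path.rsplit("\\", 1)[-1].lower()
        signed = ev.get("Signed", "").lower() == "true"
        reasons = []

        if name in VULNERABLE_DRIVERS:
            # The vulnerable driver is legitimately signed, so a signature
            # check alone passes it; the name/hash blocklist is what catches it.
            reasons.append("known-vulnerable driver loaded (BYOVD candidate)")
            last_vuln = (ts, name)
        if not path.lower().startswith(NORMAL_DRIVER_DIR):
            reasons.append("loaded from outside the system driver directory")
        if not signed:
            reasons.append("unsigned driver")
            if last_vuln and ts - last_vuln[0] <= CORRELATION_WINDOW:
                reasons.append(
                    f"follows {last_vuln[1]} within {CORRELATION_WINDOW}: "
                    "possible signature-enforcement bypass"
                )
        if reasons:
            findings.append({"time": ts, "driver": name, "path": path, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in analyze_driver_loads(SAMPLE_EVENTS):
        print(f"{f['time']:%Y-%m-%d %H:%M:%S} {f['driver']:<10} {'; '.join(f['reasons'])}")
```

On the sample input the normal tcpip.sys load produces nothing, gdrv.sys is flagged as a blocklisted driver loaded from a temp directory, the unsigned tool.sys load a few seconds later is tied to it, and the unsigned late.sys load hours afterwards is reported as unsigned but not correlated. In production, match on the Hashes field as well as the file name, since an attacker can rename the driver but not change its signed bytes.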

Files encrypted by the RobbinHood ransomware
Supply: BleepingComputer

Ransom notes left on encrypted devices directed victims to contact the attackers on Tor sites to negotiate the ransom.

The indictment describes how the attackers used virtual private servers in Europe, VPNs, and cryptocurrency mixers to obscure their infrastructure and payments and evade law enforcement.

Gholinejad pleaded guilty in a North Carolina federal court and now faces a maximum penalty of 30 years in prison on charges including conspiracy to commit fraud, computer intrusion, extortion, and money laundering.

