Iranian man pleads guilty to Baltimore attack, faces 30 years in prison

Sina Golinejad, a 37-year-old Iranian citizen, pleaded guilty to a large-scale attack using the Robbinhood ransomware against the city of Baltimore and other U.S. municipalities. He faces up to 30 years in prison after causing tens of millions of dollars in damage.

Golinejad pleaded guilty to two federal charges: conspiracy to defraud and unauthorized access to computer systems. His attacks, which began in January 2019, caused significant damage to city services in Baltimore, Greenville, North Carolina, Gresham, Oregon, and Yonkers, New York.

• According to the U.S. Department of Justice, the attacker demanded a ransom in bitcoin and threatened similar attacks on other cities. The attack on Baltimore cost the city $19 million and forced a month-long shutdown of municipal services.

He was arrested in North Carolina in early January 2025. The investigation was conducted with international participation, including Bulgarian law enforcement.

The 2019 Baltimore incident was the first high-profile case of ransomware targeting a major American city. Baltimore authorities refused to pay a $76,000 ransom, causing the city to experience a prolonged shutdown. Since then, Robbinhood has become one of the most common tools used to attack government structures in the United States.

Golinezhad and his accomplices operated from abroad until March 2024, targeting critical structures: municipalities, hospitals, and businesses. This is the first time that a key organizer of an international attack on an American city has been prosecuted in the United States. The case is being viewed as a warning to other cybercriminals. Golinezhad is scheduled to be sentenced in August. The Ministry of Justice emphasized: “There will be no impunity for such actions.”