Article Details
Scrape Timestamp (UTC): 2024-12-18 22:00:43.313
Original Article Text
Click to Toggle View
Raccoon Stealer malware operator gets 5 years in prison after guilty plea. Ukrainian national Mark Sokolovsky was sentenced today to five years in prison for his involvement in the Raccoon Stealer malware cybercrime operation. According to unsealed court documents, Sokolovsky (also known as raccoon-stealer, Photix, and black21jack77777) and his conspirators rented the malware to other threat actors under a MaaS (malware-as-a-service) model for $75 per week or $200 monthly. After infecting a device, Raccoon Stealer collects and steals a wide range of data, including credentials, cryptocurrency wallets, credit card data, email data, and other sensitive information from dozens of applications. In March 2022, police arrested Sokolovsky in the Netherlands. The FBI also took the malware offline by dismantling its infrastructure in a joint action with law enforcement authorities in the Netherlands and Italy. The Raccoon Stealer cybercrime gang also suspended operations around the time of Sokolovsky's arrest, saying that one of their lead developers had been killed during Russia's invasion of Ukraine. Since then, the malware operation has been revived several times, with newer versions adding more data theft capabilities. Sokolovsky was extradited to the United States in February 2024 after being indicted for fraud, money laundering, and aggravated identity theft in October 2022. One year later, he pleaded guilty and agreed to pay at least $910,844.61 in restitution. "Mark Sokolovsky was a key player in an international criminal conspiracy that victimized countless individuals by administering malware which made it cheaper and easier for even amateurs to commit complex cybercrimes," said U.S. Attorney Jaime Esparza today. "Sokolovsky's infostealer was responsible for compromising more than 52 million user credentials, which were then used in furtherance of fraud, identity theft, and ransomware attacks on millions of victims worldwide," FBI Special Agent in Charge Aaron Tapp added. After dismantling Raccoon Stealer's infrastructure in March 2022, the FBI also created a website to help victims check whether their information was included in the stolen data using this malware. If your data has been compromised, you will receive an email containing additional information and resources at the address provided when searching the FBI's Raccoon Infostealer Disclosure portal.
Daily Brief Summary
Ukrainian national Mark Sokolovsky was sentenced to five years in prison for operating Raccoon Stealer malware.
Sokolovsky and his conspirators offered the malware as a service to other criminals, charging $75 weekly or $200 monthly.
Raccoon Stealer malware was designed to steal sensitive information like credentials, cryptocurrency wallets, and credit card data from infected devices.
Law enforcement, including the FBI and Dutch and Italian authorities, successfully dismantled the malware's infrastructure in March 2022.
The takedown coincided with the suspension of the Raccoon Stealer operations, attributed partly to the death of a key developer during the Ukraine conflict.
Despite initial disruption, the malware operation has resurfaced multiple times with enhanced data theft capabilities.
Sokolovsky was extradited to the U.S. in February 2024, pleaded guilty, and agreed to pay over $910,000 in restitution.
The FBI created a dedicated portal to assist victims in determining if their data was compromised by Raccoon Stealer.