Ukrainian Citizen Pleads Guilty to Running Raccoon Infostealer Malware Operation


Mark Sokolovsky pleaded guilty in a US court this week following his arrest by Dutch authorities in 2022.

Mark Sokolovsky, a 28-year-old Ukrainian national, pleaded guilty to one count of conspiracy to commit computer intrusion in a US federal court in Texas on October 7.

Sokolovsky was arrested in the Netherlands by Dutch authorities on March 22, 2022, and extradited to the US in February 2024 after being charged with several crimes related to the Raccoon Infostealer malware-as-a-service operation.

According to court documents and the U.S. Attorney’s Office for the Western District of Texas, the Raccoon Infostealer was available for $200 per month, payable in cryptocurrency. Once deployed, often through phishing emails, the malware was capable of stealing financial information, login details, and other personal data.

This data was then used to facilitate financial fraud or sold to other hackers on cybercrime forums.

Following Sokolovsky’s arrest in 2022, the FBI was able to take down the infrastructure supporting the infostealer, disrupting the then-existing version of the malware.

Months later, however, researchers from cybersecurity firm Sekoia’s threat intelligence team found evidence of a new version of Raccoon Stealer in circulation. In March 2022, other operators of the malware had promised on a Russian-language hacking forum that it would return.

In May 2022, Raccoon Stealer v2 was being sold on both Telegram and hacking forums, and on June 10, 2022, its admin panel was appearing in searches on the Shodan search engine.

“Therefore, samples of Raccoon Stealer v2 were observed in the wild as early as May 16, 2022,” Sekoia researchers said in a June 28, 2022 blog post.

“As for the older version, threat actors mainly distribute the information stealer using fake installers or cracked versions of popular software.”

Sokolovsky also agreed to pay restitution of at least US$910,844.61 and a forfeiture money judgment of US$23,975.
