Ukrainian pleads guilty to running Raccoon Infostealer malware, agrees to pay nearly $1 million


A Ukrainian national pleaded guilty in U.S. federal court Monday to operating the Raccoon Infostealer malware, according to a statement from the Department of Justice.

Mark Sokolovsky, 28, agreed to forfeit nearly $24,000 and pay at least $910,844 in restitution as part of the plea deal.

Sokolovsky was previously accused of being one of the “key administrators” of the malicious software that infects computers and steals personal information, including email addresses, identification numbers, bank account details and cryptocurrency information.

Raccoon Infostealer was sold as malware-as-a-service for approximately $200 per month, paid in cryptocurrency. The information stolen through this malware was both used to commit financial crimes and sold to others on cybercrime forums, according to the DOJ.

In March 2022, the FBI, in cooperation with law enforcement agencies in Italy and the Netherlands, dismantled the digital infrastructure supporting Raccoon Infostealer, taking it offline.

However, last April, Raccoon malware operators announced their return, introducing features that make the malware easier and more convenient to use while also making it harder to detect.

Sokolovsky was arrested in the Netherlands and extradited to the U.S. in February 2024. Following his arrest, the FBI collected data stolen from many computers that had been infected with Raccoon malware.

Law enforcement has identified more than 50 million unique credentials and forms of identification, including email addresses, bank accounts, cryptocurrency addresses and credit card numbers in the data stolen by Raccoon Infostealer from millions of victims worldwide.

Daryna Antoniuk is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.

 
