
Mark Sokolovsky, a 26-year-old citizen of Ukraine, was charged with involvement in the cybercrime operation "Raccoon Stealer - malware as a service" (MaaS).
Raccoon Stealer is an information-stealing Trojan distributed on the MaaS (malware-as-a-service) model, which threat actors can rent for $75 a week or $200 a month.
Subscribers also get access to the admin panel, which allows them to configure malware, retrieve stolen data (also known as logs), and create new malware builds.
Raccoon Stealer is very popular because it steals a wide range of information from infected devices, such as stored credentials and browser information, credit cards, cryptocurrency wallets, email data, and other sensitive data from numerous applications.
Sokolovsky (also known online as raccoonstealer, Photix, and black21jack77777, according to an unsealed indictment) was arrested in March 2022 and is currently in jail in the Netherlands awaiting extradition to the United States.
While the Dutch authorities arrested the accused, the FBI and law enforcement partners in the Netherlands and Italy dismantled the Raccoon Infostealer infrastructure and took the existing version of the malware offline.
Around the same time that the arrest was made, BleepingComputer reported that the cybercrime group Raccoon Stealer had suspended its activities after claiming on Russian-language hacker forums that one of its lead developers had been killed during the invasion of Ukraine.
Raccoon Stealer then resumed operations in early June with the release of a new version created from scratch in C/C++ and featuring a new backend, a new frontend, and new data theft capabilities.
Since March, the FBI has been collecting some of the data stolen by cybercriminals using the Raccoon Stealer malware from infected computers.
"While the exact number has yet to be verified, FBI agents have identified more than 50 million unique credentials and identification forms (email addresses, bank accounts, cryptocurrency addresses, credit card numbers, etc.) in stolen data obtained from millions of potential victims around the world," the Justice Department said in a press release today.
"The credentials appear to include more than four million email addresses. The United States does not believe that it owns all the data stolen by Raccoon Infostealer and is continuing to investigate."
• Source: https://www.justice.gov/usao-wdtx/p...n-national-international-cybercrime-operation
• Source: https://www.justice.gov/usao-wdtx/page/file/1546636/download
• Source: https://www.bleepingcomputer.com/ne...or-operating-raccoon-stealer-malware-service/
• Source: https://www.cyberscoop.com/raccoon-infostealer-doj-charges-ukraine/
----
The Netherlands handed over to the United States Mark Sokolovsky, the alleged creator and operator of the malware-as-a-service (MaaS) operation based on the Raccoon infostealer. The Ukrainian has already been charged and remanded in custody pending trial.
Sokolovsky was arrested on a tip from the FBI in March 2022. At the same time, American security forces, together with their Italian and Dutch colleagues, neutralized the Raccoon infrastructure (version 1.0) and began collecting information about the victims of infection.
So far, more than 50 million unique accounts and other identifiers stolen by the malware have been identified.
In the United States, Sokolovsky was charged with conspiracy to defraud, damage other people's computers, money laundering, and aggravated identity theft.
The Ukrainian tried to challenge the extradition from the Netherlands, but in the end was sent overseas to participate in the trial.
The FBI continues to collect information about Raccoon victims. Meanwhile, the remaining malware developers have released a new version with improved performance and are continuing to improve it as part of the revived MaaS service.
• Source: https://www.justice.gov/usao-wdtx/pr/ukrainian-national-extradited-us-alleged-cybercrimes