A Ukrainian individual suspected of being one of the “chief operators” of Racoon Stealer, a prominent malware-as-a-service platform, will be extradited to the United States to face computer fraud, wire fraud, and money laundering charges. Mark Sokolovsky, 26, was detained in the Netherlands in March of this year and went by the aliases raccoonstealer, Photix, and b1ack21jack77777 on the internet.
The Raccoon Stealer virus is suspected to have infected millions of computers worldwide since 2019, resulting in the capture of at least 50 million unique credentials, including those to over four million email accounts, according to the FBI. The malware, which is typically distributed via phishing campaigns and exploit kits, is also capable of stealing credit card information, browser autofill data, bitcoin seed phrases, and just about anything else stored in up to 60 distinct programs.
Sokolovsky flaunting a bag of cash, most likely from Raccoon Stealer subscription revenue. US Department of Justice
Raccoon Stealer was a Telegram bot that charged clients $75 per week or $200 per month in cryptocurrencies for access to the platform, which was routinely updated and was used by persons looking to sell stolen credentials on darknet markets or forums on the dark web. Because to its ease of use and accessibility, it was extremely popular and successful.
Raccoon Stealer’s operators momentarily halted operations in March, around the time of Sokolovsky’s arrest, saying on the Raid hacking forum that one of their primary developers had been killed in Russia’s conflict with Ukraine. By late June, the service was back up and running, however it did so in a different and less secure manner, making its trojan simpler for antivirus tools to detect and mitigate.
Data collected from a computer by the Raccoon Stealer spyware. US Department of Justice
If convicted, Sokolovsky faces a 20-year sentence for wire fraud and money laundering, a five-year sentence for computer fraud, and a two-year obligatory consecutive term for identity theft.