October 7, 2024 at 05:17PM
Mark Sokolovsky has pleaded guilty to his involvement in the Raccoon Stealer malware cybercrime operation. He distributed the malware under a malware-as-a-service (MaaS) model, allowing users to rent it for weekly or monthly fees. Sokolovsky was arrested in the Netherlands in March 2022, and the FBI dismantled the malware’s infrastructure in a joint action with authorities in the Netherlands and Italy. Victims of Raccoon Stealer can now check if their data was stolen through a government website. Sokolovsky has agreed to a restitution and forfeiture money judgment as part of his plea agreement.
Mark Sokolovsky, a Ukrainian national, has pleaded guilty to his involvement in the Raccoon Stealer malware cybercrime operation. The operation involved distributing the malware under a MaaS (malware-as-a-service) model, allowing users to rent it for a fee. The malware is designed to steal a wide range of sensitive information from infected devices, and subscribers would receive access to an admin panel for customization and data retrieval.
Sokolovsky, also known by several online aliases, was arrested in the Netherlands in March 2022, and the FBI, in collaboration with law enforcement authorities in the Netherlands and Italy, dismantled the Raccoon Infostealer infrastructure around the same time. Despite claims of the suspension of operations due to the invasion of Ukraine, the operation was relaunched with new versions.
After taking down the malware’s infrastructure, the FBI collected some of the stolen data and created a website to help victims check if their data is in the U.S. government’s archive of Raccoon Infostealer stolen information. Following extradition to the United States, Sokolovsky was indicted on fraud, money laundering, and aggravated identity theft charges and has agreed to a restitution amount as part of his plea agreement.
The data stolen by Raccoon Infostealer is extensive, with over 50 million unique credentials and forms of identification identified by FBI agents. The Department of Justice has emphasized that the investigation is ongoing and the U.S. government does not believe it has possession of all the stolen data.