A 26-year-old Ukrainian nationwide has been charged within the U.S. for his alleged function within the Raccoon Stealer malware-as-a-service (MaaS) operation.
Mark Sokolovsky, who was arrested by Dutch regulation enforcement after leaving Ukraine on March 4, 2022, in what’s stated to be a Porsche Cayenne, is presently being held within the Netherlands and awaits extradition to the U.S.
“Individuals who deployed Raccoon Infostealer to steal information from victims leased entry to the malware for roughly $200 monthly, paid for by cryptocurrency,” the U.S. Department of Justice (DoJ) stated. “These people used numerous ruses, comparable to e-mail phishing, to put in the malware onto the computer systems of unsuspecting victims.”
Sokolovsky is alleged to have passed by numerous on-line monikers like Photix, raccoonstealer, and black21jack77777 on on-line cybercrime boards to promote the service on the market.
Raccoon Stealer, primarily distributed underneath the guise of cracked software program, is understood to be one of many most prolific data stealers, put to make use of by a number of cybercriminal actors for its in depth options and the customizability provided by the malware.
Active since April 2019, the menace actors behind the operation abruptly halted work on the challenge earlier this March, citing the lack of a core member resulting from a “particular operation.”
While this was interpreted because the dying of a developer within the Russo-Ukrainian conflict, court docket paperwork present that it was certainly Sokolovsky’s arrest and the next dismantling of the malware’s infrastructure by Italian and Dutch authorities that led to the short-term shutdown.
That stated, a second model of Raccoon Stealer written in C/C++ has since begun circulating on underground boards as of June 2022, with its authors touting the instrument’s ease of use.
“It is so quick and easy that with its assist it is not going to be troublesome for a kid to learn to course of logs,” the cybercrime gang posted in a message shared on its Telegram channel in May.
According to the U.S. Federal Bureau of Investigation (FBI), the malware is estimated to have facilitated the theft of fifty million distinctive credentials and types of identification (e.g., e-mail addresses, financial institution accounts, cryptocurrency addresses, and bank card numbers) from hundreds of thousands of victims globally.
The credentials allegedly encompass over 4 million e-mail addresses, prompting the FBI to launch an internet site raccoon.ic3[.]gov to assist customers verify if their e-mail addresses present up within the Raccoon Stealer information.
Sokolovsky has been charged with one depend of conspiracy to commit pc fraud and associated exercise in reference to computer systems; one depend of conspiracy to commit wire fraud; one depend of conspiracy to commit cash laundering; and one depend of aggravated identification theft.
If confirmed responsible, the defendant faces a most penalty of 20 years in jail for the wire fraud and cash laundering offenses, 5 years for the conspiracy to commit pc fraud cost, and a compulsory consecutive two-year time period for the aggravated identification theft offense.
“This sort of malware feeds the cybercrime ecosystem, harvesting beneficial data and permitting cyber criminals to steal from harmless Americans and residents around the globe,” U.S. Attorney Ashley C. Hoff stated.