Cybercriminal Behind Raccoon Stealer Malware Faces Justice
Mark Sokolovsky has admitted his guilt in participating in the campaign to distribute the Raccoon Stealer malware. Sokolovsky and his accomplices distributed Raccoon Stealer under the MaaS (Malware-as-a-Service) model, offering the software for rent at $75 per week or $200 per month. The malicious program stole a wide range of data from infected devices, including passwords, browser information, cryptocurrency wallets, bank card details, emails, and other confidential information from dozens of applications.
Subscribers to Raccoon Stealer were given access to an administrative panel where they could configure the malware, retrieve stolen data, and create new builds of the program.
According to the indictment, Sokolovsky (also known as “raccoon-stealer,” “Photix,” and “black21jack77777”) was arrested in the Netherlands in March 2022. Around the same time, the FBI, in cooperation with law enforcement in the Netherlands and Italy, dismantled the Raccoon Stealer infrastructure and disabled the malware.
Following Sokolovsky’s arrest, the group suspended its operations, stating that one of its lead developers had perished during the conflict in Ukraine. However, the operation was revived twice, each time with new versions of the malware boasting enhanced data-stealing capabilities.
The FBI has also collected part of the data stolen by Raccoon Stealer and created a website where victims can check if their information was included in the stolen data archive. Those whose data was compromised will receive confirmation and be provided with resources for further actions.
Sokolovsky was extradited to the U.S. in February 2024 after charges including fraud, money laundering, and identity theft were filed in October 2022. For the most serious offenses, Sokolovsky faces up to 20 years in prison.
According to the Department of Justice, more than 50 million unique account credentials and pieces of identifying information were discovered, including over 4 million email addresses. However, a portion of the stolen data remains undetected, and the investigation is ongoing. As part of a plea deal, Sokolovsky agreed to pay restitution of at least $910,844.61 and forfeit $23,975.