US Indicts Ukrainian for ‘Raccoon Stealer’ Malware That Hit Millions of Computers

Total times read this article : 25

The US says it’s nabbed a developer behind “Raccoon Stealer,” a Windows-based malware that likely infected millions of computers across the globe. 

On Tuesday, the Justice Department announced(Opens in a new window) the indictment of a 26-year-old Ukrainian named Mark Sokolovsky for his involvement in operating Raccoon Stealer, which can steal passwords, credit card numbers, and other sensitive details from infected PCs. 

Sokolovsky was arrested in March after leaving Ukraine for the Netherlands in a Porsche Cayenne vehicle, according(Opens in a new window) to court documents. Dutch authorities then arrested him on a request from the US. 

Mark


Mark Sokolovsky
(Credit: DOJ)

The Justice Department says it also worked with European law enforcement to dismantle the IT infrastructure powering Racoon Stealer. The work led investigators to identify that the malware has stolen over 50 million unique credentials and forms of identification, such as email addresses, credit card numbers, cryptocurrency addressesm and bank account details from victims. 

“The credentials appear to include over four million email addresses. The United States does not believe it is in possession of all the data stolen by Raccoon Infostealer and continues to investigate,” the Justice Department added. 

Raccoon Stealer emerged in 2019 as a malware that cybercriminals could buy access to for about $200 a month. The Justice Department says(Opens in a new window) Raccoon Stealer arrived through phishing emails, such as fake messages about the COVID-19 pandemic, which tricked victims into installing the malicious code. Security firms have also spotted(Opens in a new window) Raccoon Stealer arriving through other malware packages and malicious web pages.

image


(Credit: DOJ)

Once the malware infected, cybercriminals could then use it to steal logins or banking information from victims to help them break into valuable online accounts or to commit identity fraud. In addition, the hackers could have taken the stolen information and sold it over dark web marketplaces for a profit.

Recommended by Our Editors

The Justice Department has created a website(Opens in a new window), which anyone can use to learn if their computer was ever compromised by Raccoon Stealer. The website asks the user to input their email address. The Justice Department will then send them a message, confirming if their email address was found in the repository of Raccoon Stealer stolen data the US managed to recover. 

image


(Credit: DOJ)

Federal prosecutors are also working to extradite Sokolovsky to the US to face trial. He faces up to 27 years in prison, if convicted of all charges.

However, Raccoon Stealer is far from dead. After a brief hiatus following Sokolovsky’s arrest, the remaining team behind the malware relaunched(Opens in a new window) it as Raccoon Stealer version 2.0 back in June.

SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.”,”first_published_at”:”2021-09-30T21:22:09.000000Z”,”published_at”:”2022-03-24T14:57:33.000000Z”,”last_published_at”:”2022-03-24T14:57:28.000000Z”,”created_at”:null,”updated_at”:”2022-03-24T14:57:33.000000Z”})” x-show=”showEmailSignUp()” class=”rounded bg-gray-lightest text-center md:px-32 md:py-8 p-4 mt-8 container-xs” readability=”31.423799582463″>

Like What You’re Reading?

Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.

Facebook Comments Box

Hits: 0

RELATED ARTICLESMORE FROM AUTHOR