A 26-year-old Ukrainian national has been charged in the U.S. for his alleged role in the Raccoon Stealer malware-as-a-service (MaaS) operation.
Mark Sokolovsky, who was arrested by Dutch law enforcement after leaving Ukraine on March 4, 2022, in what's said to be a Porsche Cayenne, is currently being held in the Netherlands and awaits extradition to the U.S.
“People who deployed Raccoon Infostealer to steal information from victims leased entry to the malware for roughly $200 per thirty days, paid for by cryptocurrency,” the U.S. Department of Justice (DoJ) said. “These people used various ruses, such as email phishing, to install the malware onto the computer systems of unsuspecting victims.”
Sokolovsky is alleged to have gone by various online monikers like Photix, raccoonstealer, and black21jack77777 on online cybercrime forums to advertise the service for sale.
Raccoon Stealer, primarily distributed under the guise of cracked software, is known to be one of the most prolific information stealers, put to use by multiple cybercriminal actors for its extensive features and the customizability offered by the malware.
Active since April 2019, the threat actors behind the operation abruptly halted work on the project earlier this March, citing the loss of a core member due to a “particular operation.”
While this was interpreted as the death of a developer in the Russo-Ukrainian war, court documents show that it was in fact Sokolovsky's arrest and the subsequent dismantling of the malware's infrastructure by Italian and Dutch authorities that led to the temporary shutdown.
That said, a second version of Raccoon Stealer written in C/C++ has since begun circulating on underground forums as of June 2022, with its authors touting the software's ease of use.
“It’s so quick and easy that with its help it won’t be tough for a kid to learn how to process logs,” the cybercrime gang posted in a message shared on its Telegram channel in May.
According to the U.S. Federal Bureau of Investigation (FBI), the malware is estimated to have facilitated the theft of 50 million unique credentials and forms of identification (e.g., email addresses, bank accounts, cryptocurrency addresses, and credit card numbers) from tens of millions of victims globally.
The credentials allegedly include over 4 million email addresses, prompting the FBI to launch a website, raccoon.ic3[.]gov, to help users check if their email addresses show up in the Raccoon Stealer data.
Sokolovsky has been charged with one count of conspiracy to commit computer fraud and related activity in connection with computers; one count of conspiracy to commit wire fraud; one count of conspiracy to commit money laundering; and one count of aggravated identity theft.
If found guilty, the defendant faces a maximum penalty of 20 years in prison for the wire fraud and money laundering offenses, five years for the conspiracy to commit computer fraud charge, and a mandatory consecutive two-year term for the aggravated identity theft offense.
“Such malware feeds the cybercrime ecosystem, harvesting beneficial data and permitting cyber criminals to steal from harmless individuals and residents around the globe,” U.S. Attorney Ashley C. Hoff said.