Categories: Malware

Ukrainian Hacker Charged for Operating “Raccoon Stealer” Malware-as-a-Service

In an international cybercrime operation dubbed Raccoon Stealer malware-as-a-service (MaaS), the Department of Justice has charged a Ukrainian 26-year-old, Mark Sokolovsky for playing a foul role.

Raccoon Stealer is a trojan that is primarily distributed with the intention of stealing information via the MaaS model. Threat actors have the option to rent Raccoon Stealer on a subscription basis with a variety of options.

Here below we have mentioned the subscription options with their respective price tags:-

  • For a week it will cost $75
  • For a month it will cost $200

There is an administrative panel available to subscribers that allows them to add filters to malware as well as do the following things:-

  • Customize the malware
  • Retrieve the stolen data
  • Create new malware builds

Threat actors get tons of malicious features to steal a wide range of data from the victims’ devices with Raccoon Stealer. Here below we have mentioned the types of data that it enables threat actors to steal:-

  • Saved browser credentials
  • Credit card number
  • Debit cards numbers
  • Cryptocurrency wallets
  • Email

Under the guise of cracked software, Raccoon Stealer is mainly distributed as a malicious program. As far as online monikers go, Sokolovsky was known by a variety of names such as:-

  • raccoonstealer
  • Photix
  • black21jack77777

Raccoon Stealer has been actively operating since April 2019, but it was unexpectedly suspended in March 2022 by the threat actors that were behind it.

In March 2022 Sokolovsky was arrested and is being detained in the Netherlands. While at the moment, he is awaiting extradition to the United States in order to face his charges.

The core infrastructure of Raccoon Infostealer was dismantled by the FBI along with other law enforcement agencies from the Netherlands and Italy.

Since June 2022, there has been a number of underground forums that have been circulating the second version of Raccoon Stealer which was written in C/C++.

A total of 50 million unique credentials and forms of identification of the victims are estimated to have been stolen by the malware based on information provided by the FBI.

Over four million email addresses are said to be included in the credentials. To help users check if their email addresses have been compromised, the FBI has developed a website that lets users check their email addresses.

Charges

Sokolovsky is charged with the following charges:-

  • Conspiracy to commit computer fraud and related activity in connection with computers
  • Conspiracy to commit wire fraud
  • Conspiracy to commit money laundering
  • Aggravated identity theft

The defendant, Mark Sokolovsky could face a maximum imprisonment sentence of 20 years if he is found guilty.

Managed DDoS Attack Protection for Applications – Download Free Guide

Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

Hack The box “Ghost” Challenge Cracked – A Detailed Technical Exploit

Cybersecurity researcher "0xdf" has cracked the "Ghost" challenge on Hack The Box (HTB), a premier…

7 hours ago

Sec-Gemini v1 – Google’s New AI Model for Cybersecurity Threat Intelligence

Google has unveiled Sec-Gemini v1, an AI model designed to redefine cybersecurity operations by empowering…

8 hours ago

U.S. Secures Extradition of Rydox Cybercrime Marketplace Admins from Kosovo in Major International Operation

The United States has successfully extradited two Kosovo nationals, Ardit Kutleshi, 26, and Jetmir Kutleshi,…

13 hours ago

Ivanti Fully Patched Connect Secure RCE Vulnerability That Actively Exploited in the Wild

Ivanti has issued an urgent security advisory for CVE-2025-22457, a critical vulnerability impacting Ivanti Connect…

2 days ago

Beware! Weaponized Job Recruitment Emails Spreading BeaverTail and Tropidoor Malware

A concerning malware campaign was disclosed by the AhnLab Security Intelligence Center (ASEC), revealing how…

2 days ago

EncryptHub Ransomware Uncovered Through ChatGPT Use and OPSEC Failures

EncryptHub, a rapidly evolving cybercriminal entity, has come under intense scrutiny following revelations of operational…

2 days ago