Categories: Malware

Ukrainian Hacker Charged for Operating “Raccoon Stealer” Malware-as-a-Service

In an international cybercrime operation dubbed Raccoon Stealer malware-as-a-service (MaaS), the Department of Justice has charged a Ukrainian 26-year-old, Mark Sokolovsky for playing a foul role.

Raccoon Stealer is a trojan that is primarily distributed with the intention of stealing information via the MaaS model. Threat actors have the option to rent Raccoon Stealer on a subscription basis with a variety of options.

Here below we have mentioned the subscription options with their respective price tags:-

  • For a week it will cost $75
  • For a month it will cost $200

There is an administrative panel available to subscribers that allows them to add filters to malware as well as do the following things:-

  • Customize the malware
  • Retrieve the stolen data
  • Create new malware builds

Threat actors get tons of malicious features to steal a wide range of data from the victims’ devices with Raccoon Stealer. Here below we have mentioned the types of data that it enables threat actors to steal:-

  • Saved browser credentials
  • Credit card number
  • Debit cards numbers
  • Cryptocurrency wallets
  • Email

Under the guise of cracked software, Raccoon Stealer is mainly distributed as a malicious program. As far as online monikers go, Sokolovsky was known by a variety of names such as:-

  • raccoonstealer
  • Photix
  • black21jack77777

Raccoon Stealer has been actively operating since April 2019, but it was unexpectedly suspended in March 2022 by the threat actors that were behind it.

In March 2022 Sokolovsky was arrested and is being detained in the Netherlands. While at the moment, he is awaiting extradition to the United States in order to face his charges.

The core infrastructure of Raccoon Infostealer was dismantled by the FBI along with other law enforcement agencies from the Netherlands and Italy.

Since June 2022, there has been a number of underground forums that have been circulating the second version of Raccoon Stealer which was written in C/C++.

A total of 50 million unique credentials and forms of identification of the victims are estimated to have been stolen by the malware based on information provided by the FBI.

Over four million email addresses are said to be included in the credentials. To help users check if their email addresses have been compromised, the FBI has developed a website that lets users check their email addresses.

Charges

Sokolovsky is charged with the following charges:-

  • Conspiracy to commit computer fraud and related activity in connection with computers
  • Conspiracy to commit wire fraud
  • Conspiracy to commit money laundering
  • Aggravated identity theft

The defendant, Mark Sokolovsky could face a maximum imprisonment sentence of 20 years if he is found guilty.

Managed DDoS Attack Protection for Applications – Download Free Guide

Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

Landmark Admin Suffers Major Breach, Exposing Data of 1.6M+ Users

Landmark Admin, LLC (“Landmark”), a Texas-based third-party administrator for life insurance carriers, has confirmed that…

1 hour ago

SquareX to Reveal Critical Data Splicing Attack at BSides SF, Exposing Major DLP Vulnerability

SquareX researchers Jeswin Mathai and Audrey Adeline will be disclosing a new class of data exfiltration techniques at BSides San…

1 hour ago

Firefox Fixes High-Severity Vulnerability Causing Memory Corruption via Race Condition

Mozilla has released Firefox 137.0.2, addressing a high-severity security flaw that could potentially allow attackers…

3 hours ago

Tails 6.14.2 Released with Critical Fixes for Linux Kernel Vulnerabilities

The Tails Project has urgently released Tails 6.14.2, addressing critical security vulnerabilities in the Linux kernel…

4 hours ago

APT29 Hackers Use GRAPELOADER in New Attack Against European Diplomats

Check Point Research (CPR) has uncovered a new targeted phishing campaign employing GRAPELOADER, a sophisticated…

5 hours ago

Chinese Hackers Unleash New BRICKSTORM Malware to Target Windows and Linux Systems

A sophisticated cyber espionage campaign leveraging the newly identified BRICKSTORM malware variants has targeted European…

5 hours ago