US Indicts Ukrainian National for Allegedly Operating Raccoon Stealer Malware

US authorities recently charged Mark Sokolovsky, a 26-year-old Ukrainian national, for his alleged involvement in the Raccoon Stealer malware campaign.

According to the indictment, the suspect led malicious activities under the monikers raccoonstealer, black21jack77777, and Photix. After being arrested in March 2022, he was placed in jail in the Netherlands, where he’s currently awaiting extradition to the United States.

The FBI issued a press release detailing the investigation that led to Sokolovsky’s indictment. The document highlights some of the techniques used by the perpetrators behind the Raccoon Stealer operation and the type of information they stole during its runtime.

“While an exact number has yet to be verified, FBI agents have identified more than 50 million unique credentials and forms of identification (email addresses, bank accounts, cryptocurrency addresses, credit card numbers, etc.) in the stolen data from what appears to be millions of potential victims around the world,” reads the FBI press release.“The credentials appear to include over four million email addresses.”

The document also mentions a government-run website where potential Raccoon Stealer victims could input their email addresses to check if they were affected by the malicious campaign. Confirmed victims receive a follow-up email with additional resources and the recommendation to “fill out a detailed complaint and share any financial or other harm experienced from their information being stolen.”

Raccoon Stealer is a malware-as-a-service (MaaS) operation that pushes an information-stealer trojan, allowing threat actors to rent it on a weekly or monthly basis.

In exchange for $75 a week or $200 a month, threat actors could access a command center, letting them configure the malware, exfiltrate data from compromised systems, and generate new, customized builds.

The malware’s notoriety stems from the extensive range of information it can extract from infected devices, including email data, browser credentials, credit card details, and crypto wallets.

Dedicated software such as Bitdefender Ultimate Security can protect you against information-stealer Trojans and other digital threats with features like:

• Real-time, comprehensive protection against viruses, worms, Trojans, spyware, rootkits, zero-day exploits, ransomware and other cybernetic threats
• Network threat prevention module that scans for unusual network-level activity and blocks it
• Behavioral detection system that thoroughly monitors active apps and blocks suspicious activity to prevent infections
• Breach monitor module that detects if your data has been leaked in a breach and offers personalized mitigation strategies to address the situation