Five-Year Prison Term for Raccoon Stealer Malware Operator After Guilty Plea

Ukrainian national Mark Sokolovsky was sentenced to five years in prison for his instrumental role in operating the infamous Raccoon Stealer malware.

The rise and fall of Raccoon Stealer

Initially gaining traction as a malware-as-a-service (MaaS) operation, Raccoon Stealer grew into an indispensable item in many threat actors’ tool belts, allowing even novices to carry out sophisticated cybercrimes.

Under the MaaS business model, cybercriminals could rent the malicious platform for as little as $75 per week or $200 per month.

Its harvesting capabilities were vast, ranging from credentials and cryptocurrency wallets to credit card data, emails and other sensitive information.

Over 52 million user credentials stolen

Sokolovsky, better known in cybercrime circles as “Photix,” “raccoon-stealer” and “black21jack77777,” orchestrated the notorious operation alongside a network of conspirators.

By the time authorities stepped in, Raccoon Stealer, under Sokolovsky’s guidance, had compromised over 52 million user credentials, facilitating widespread fraud, identity theft and even ransomware attacks.

Law enforcement strikes back

Dutch authorities apprehended Sokolovsky in March 2022 in the Netherlands. At the same time, a joint effort of the US FBI and law enforcement agencies in the Netherlands and Italy dismantled Raccoon Stealer’s infrastructure. As a result, the malicious operation suspended activities shortly thereafter.

Adding to the turbulence, the cybercrime syndicate claimed that one of its lead developers had been killed during Russia’s invasion of Ukraine. Despite its hardships, Raccoon Stealer operators attempted a few sporadic revivals, with newer iterations of the malware featuring enhanced data theft capabilities.

Extradition and sentencing

Following his arrest, Sokolovsky was extradited to the US in February 2024, facing charges of money laundering, fraud, and aggravated identity theft. After pleading guilty, he was sentenced to five years and ordered to pay restitution of at least $910,844.61.

"Mark Sokolovsky was a key player in an international criminal conspiracy that victimized countless individuals by administering malware which made it cheaper and easier for even amateurs to commit complex cybercrimes,” said US Attorney Jaime Esparza for the Western District of Texas. “Today’s outcome is the result of tireless investigative efforts by multiple law enforcement agencies in several countries and we reiterate our thanks to our international partners for their essential work. My office will not stop in its efforts to hold cybercriminals accountable for their misdeeds."

Protecting against infostealers

Safeguarding against infostealers and other digital threats can be daunting without comprehensive cybersecurity assistance.

Bitdefender Ultimate Security offers an all-in-one detection and protection bundle encompassing antivirus, anti-malware and anti-ransomware capabilities. It also provides advanced privacy features such as a fully featured password manager, unlimited VPN traffic for anonymous browsing, and digital identity protection.