Mark Sokolovsky, a 28-year-old Ukrainian national, has been sentenced to five years in federal prison for operating the infamous “Raccoon Infostealer” malware-as-a-service platform. Since its launch in 2019, Raccoon Infostealer enabled cybercriminals worldwide to steal sensitive data, including login credentials, financial information, and cryptocurrency wallets, for a monthly fee of approximately $200 in cryptocurrency.
The malware was spread through phishing campaigns and exploit kits, targeting web browsers, cryptocurrency wallets, and various applications. It gathered victims’ data into compressed files and sent them to command-and-control servers, leaving individuals and organizations vulnerable to fraud and identity theft. The operation was temporarily disrupted in March 2022 when the FBI and international law enforcement dismantled the Raccoon infrastructure during Sokolovsky’s arrest in the Netherlands.
Extradited to the United States in early 2024, Sokolovsky pleaded guilty to conspiracy to commit computer intrusion and agreed to forfeit $23,975 and pay at least $910,844.61 in restitution to victims. The court noted that Raccoon Infostealer compromised over 52 million user credentials globally. U.S. prosecutors highlighted how the platform empowered even unskilled hackers to execute sophisticated cybercrimes on a large scale.
Despite the original platform’s takedown, an upgraded version of Raccoon Infostealer resurfaced on underground forums by 2023, with enhanced features and anti-detection capabilities. This case underscores the challenges posed by malware-as-a-service platforms and the need for ongoing international cooperation to combat cybercrime effectively.
Law enforcement agencies urge victims of financial scams linked to Raccoon Infostealer to report incidents to the FBI’s IC3.gov platform. The sentencing serves as a stark warning to cybercriminals, demonstrating the increasing reach and effectiveness of global efforts against cyber threats.