Raccoon Infostealer Malware Operator Sentenced to Prison

The Raccoon infostealer operator, a Ukrainian national, was sentenced to five years in prison.

A Ukrainian national was sentenced in the U.S. to five years in prison for his role in operating the Raccoon information stealer malware, the Department of Justice (DoJ) announced on Wednesday. The individual, Mark Sokolovsky, 28, was first arrested in 2022 by Dutch authorities, and was charged by the DoJ later that year for his role in conspiring to operate the infostealer as a service.

Key Details:

  • Sokolovsky was sentenced to 60 months in federal prison for one count of conspiracy to commit computer intrusion 

  • Sokolovsky pleaded guilty earlier this year, in October, and as part of his plea, he agreed to forfeit $23,975 and pay at least $910,844.61 in restitution

  • In the initial charges announced against Sokolovsky in 2022, the DoJ said that he could potentially face up to 20 years in prison for wire fraud and money laundering offenses, five years for conspiracy to commit computer fraud and a two-year term for aggravated identity theft

Why It Matters: Raccoon was one of the more prominent information stealers in 2021, due in part to its low price, its customizable nature and its ease of use. Between 2019 and 2022, the malware was sold as a service for $200 a month, and cybercriminals could leverage it in attacks to steal important information, like login credentials, financial data or personal records.

The DoJ in 2022 announced that the FBI and law enforcement partners had dismantled the malware’s infrastructure after Sokolovsky’s arrest. As part of that operation, the FBI said it identified more than 50 million unique credentials (including four million email addresses) and forms of authentication that had been stolen by cybercriminals using the Raccoon infostealer malware. 

However, beyond the takedown of the malware’s infrastructure, U.S. officials said that Sokolovsky was a key player in international cybercrime operations, who through the Raccoon infostealer made it easier and cheaper for less sophisticated threat actors to steal sensitive victim data. 

“Sokolovsky’s infostealer was responsible for compromising more than 52 million user credentials, which were then used in furtherance of fraud, identity theft, and ransomware attacks on millions of victims worldwide,” said Special Agent in Charge Aaron Tapp for the FBI’s San Antonio field office, in a statement.