Ukrainian pleads guilty to operating Raccoon Stealer malware

Ukrainian national Mark Sokolovsky has admitted guilt in connection with his participation in the Raccoon Stealer malware cybercrime scheme. Sokolovsky and his accomplices disseminated Raccoon Stealer through a Malware-as-a-Service (MaaS) model, enabling cybercriminals to lease the malware for $75 per week or $200 per month. The malware is designed to exfiltrate a broad spectrum of sensitive data from compromised devices, including stored browser credentials, cryptocurrency wallets, credit card information, email records, and confidential data from numerous applications. Subscribers of Raccoon Stealer were also granted access to an administrative panel, allowing them to customize the malware, retrieve stolen data (logs), and generate new malware variants.
As detailed in the recently unsealed indictment, Sokolovsky—who operated under aliases such as raccoon-stealer, Photix, and black21jack77777—was apprehended in March 2022 in the Netherlands.
Concurrently, the FBI, in collaboration with law enforcement agencies from the Netherlands and Italy, dismantled the Raccoon Infostealer infrastructure, effectively rendering the malware inactive.