In an international cybercrime operation dubbed Raccoon Stealer malware-as-a-service (MaaS), the Department of Justice has charged a Ukrainian 26-year-old, Mark Sokolovsky for playing a foul role.
Raccoon Stealer is a trojan that is primarily distributed with the intention of stealing information via the MaaS model. Threat actors have the option to rent Raccoon Stealer on a subscription basis with a variety of options.
Here below we have mentioned the subscription options with their respective price tags:-
- For a week it will cost $75
- For a month it will cost $200
There is an administrative panel available to subscribers that allows them to add filters to malware as well as do the following things:-
- Customize the malware
- Retrieve the stolen data
- Create new malware builds
Threat actors get tons of malicious features to steal a wide range of data from the victims’ devices with Raccoon Stealer. Here below we have mentioned the types of data that it enables threat actors to steal:-
- Saved browser credentials
- Credit card number
- Debit cards numbers
- Cryptocurrency wallets
Under the guise of cracked software, Raccoon Stealer is mainly distributed as a malicious program. As far as online monikers go, Sokolovsky was known by a variety of names such as:-
- raccoonstealer
- Photix
- black21jack77777
Raccoon Stealer has been actively operating since April 2019, but it was unexpectedly suspended in March 2022 by the threat actors that were behind it.
In March 2022 Sokolovsky was arrested and is being detained in the Netherlands. While at the moment, he is awaiting extradition to the United States in order to face his charges.
The core infrastructure of Raccoon Infostealer was dismantled by the FBI along with other law enforcement agencies from the Netherlands and Italy.
Since June 2022, there has been a number of underground forums that have been circulating the second version of Raccoon Stealer which was written in C/C++.
A total of 50 million unique credentials and forms of identification of the victims are estimated to have been stolen by the malware based on information provided by the FBI.
Over four million email addresses are said to be included in the credentials. To help users check if their email addresses have been compromised, the FBI has developed a website that lets users check their email addresses.
Charges
Sokolovsky is charged with the following charges:-
- Conspiracy to commit computer fraud and related activity in connection with computers
- Conspiracy to commit wire fraud
- Conspiracy to commit money laundering
- Aggravated identity theft
