A Ukranian man admitted to being the mastermind behind one of the most notorious pieces of malware on the internet.
Mark Sokolovsky, 28, admitted to a US District Court that he was the operator behind the Raccoon infostealer, a malware payload that — true to its name — allowed threat actors to record and exfiltrate sensitive information from target systems.
Operating under the now-popular malware-as-a-service (MaaS) model, Raccoon functioned as a small piece of a much larger cybercrime puzzle. Threat actors paid $200 per month via cryptocurrency and in exchange got access to the Raccoon infostealer system.
The attackers would be responsible for the initial breach, usually via phishing, exploits, or social engineering. Once they had access to the target system, they would fire up Raccoon infostealer.
Like any good trash panda, the malware would burrow into the target system and root out the good stuff: credentials, financial account details, personal records, etc. That pilfered info would then either be used by the attacker to commit fraud or would be sold off to others on dark market forums.
Raccoon was so good at its job that at one point it was found to be the most popular information stealer on the market, and was the scourge of security vendors and network admins alike.
That changed in 2022, when Sokolovsky was arrested in the Netherlands and the Raccoon infostealer infrastructure was taken down. Since then, he has found himself being funneled through various legal channels, eventually being extradited to the U.S.
That was a fair sight better than some of his co-conspirators fared. One of the Raccoon infostealer masterminds got caught up in the Russia-Ukraine conflict and met an untimely demise.
In the states, Sokolovsky found himself in the Western Texas District court to face one criminal count of conspiracy to commit computer intrusion, aka criminal hacking. He avoided additional charges related to fraud, money laundering, and identity theft.
Details on his sentencing were not given, though in these cases defendants who agree to a plea deal will often avoid a significant amount of jail time.
In addition to his sentence, Sokolovsky stands to be on the hook for a $23,975 fine and $910,844.61 in restitution charges for those who fell victim to fraud stemming from the use of his malware.
The government has set up a website for malware victims to claim damages.
