AUSTIN, Texas – A Ukrainian national pleaded guilty in federal court in Austin today, October 8, to one count of conspiracy to commit computer intrusion.
The defendant, Mark Sokolovsky, 28, conspired to operate the Raccoon Infostealer malware, which was used to steal sensitive data such as login credentials, financial information, and personal records from countless victims worldwide.
Sokolovsky was arrested in the Netherlands in March 2022 and extradited to the United States in February 2024. His capture was the result of extensive cooperation between U.S. law enforcement agencies, the Netherlands, and Italy, demonstrating a strong international effort to address the growing cybercrime problem.
Raccoon Infostealer is believed to have compromised millions of computers globally since it emerged in 2018, and Sokolovsky is identified as one of its key administrators.
The malware’s ability to harvest personal data from victims’ devices made it a highly sought-after tool among cybercriminals. Marketed as Malware-as-a-Service (MaaS), it allowed criminals to lease it for around $200 per month, making it accessible to a wide range of malicious actors.
As part of his plea agreement, Sokolovsky has been ordered to pay over $910,000 in restitution to compensate the victims affected by the Raccoon Infostealer malware. In addition to this, he has agreed to forfeit nearly $24,000, reflecting the earnings he made from the criminal operation. This financial restitution aims to address some of the damages caused to the countless victims worldwide.
Despite being taken down in 2022, Raccoon Infostealer has managed to make a comeback. The cybercriminals behind the malware have relaunched it multiple times, introducing more sophisticated versions with enhanced data theft capabilities. The malware continues to be sold through a MaaS model, demonstrating the resilience and adaptability of cybercriminal operations even after major disruptions.
For detailed information straight from the source, refer to the official statement from the U.S. Department of Justice
The FBI has taken steps to assist potential victims of the Raccoon Infostealer by providing a platform where individuals can check if their data has been compromised. By visiting raccoon.ic3.gov, users can input their email addresses to see if their personal information is part of the vast trove of stolen credentials collected by the malware.
