Mark Sokolovsky, a 26-year-old Ukrainian, has been charged with being part of the criminal operation of the Raccoon Stealer malware-as-a-service (MaaS).
The MaaS (malware-as-a-service) model allows threat actors to hire information-stealing trojans like Raccoon Stealer for $75 per week or $200 per month. Additionally, subscribers get access to an admin interface where they may modify the malware, obtain back the stolen data (also known as logs), and construct new malware.
“This case highlights the importance of the international cooperation that the Department of Justice and our partners use to dismantle modern cyber threats,” said Deputy Attorney General Lisa O. Monaco in the indictment announcement issued by the US Department of Justice.
“As reflected in the number of potential victims and global breadth of this attack, cyber threats do not respect borders, which makes international cooperation all the more critical. I urge anyone who thinks they could be a victim to follow the FBI’s guidance on how to report your potential exposure.”
Sokolovsky was detained in March 2022 and is presently being held in a Dutch prison as he waits to be extradited to the US. The accused can still seek legal reprieve in the US.
Raccoon Stealer is well-known for stealing a variety of data from infected devices, including credit cards, cryptocurrency wallets, email data, cached browser credentials and information, and several other forms of sensitive data from different apps.
This was the latest instance when a Ukrainian was nabbed for cybercrime against US citizens.
Yaroslav Vasinskyi, 22, was charged in August 2021 with conducting one of the most severe ransomware attacks against U.S. targets. Vasinskyi accessed the internal computer networks of several victim companies and deployed Sodinokibi/REvil ransomware to encrypt the data on their computers.
The Ukrainian national with ties to a ransomware group linked to Russia-based actors was taken into custody in Poland in 2021 and was extradited to the United States in March 2022.