Contents:
A recent federal indictment charges Mark Sokolovsky, a Ukrainian national, for partaking in the Raccoon Infostealer worldwide cybercrime operation, which corrupted millions of computers around the world with malware.
Raccoon Stealer is a Trojan that steals information, deployed using the MaaS (malware-as-a-service) approach. Threat actors can subscribe to Raccoon Stealer for $75 per week or $200 per month. They can also get access to the admin panel, which lets them alter the malware to their preference, reclaim the stolen information and design new malware builds.
Raccoon Stealer is widely used because it can collect sensitive data from a broad variety of applications on infected devices, including saved login credentials for web browsers, payment card details, cryptocurrency wallet addresses, and email content, as Bleeping Computer explained.
According to the released indictment, Sokolovsky (aka raccoonstealer, Photix, and black21jack77777) was detained in March 2022 and is presently being held in a Dutch prison for extradition to the United States.
While Dutch police arrested the suspect, the FBI and its partners in the Netherlands and Italy took apart Raccoon Infostealer’s infrastructure and shut down the malware’s current version. Since March, the FBI has collected data taken by Raccoon Stealer malware from compromised computers.
While an exact number has yet to be verified, FBI agents have identified more than 50 million unique credentials and forms of identification (email addresses, bank accounts, cryptocurrency addresses, credit card numbers, etc.) in the stolen data from what appears to be millions of potential victims around the world. The credentials appear to include over four million email addresses. The United States does not believe it is in possession of all the data stolen by Raccoon Infostealer and continues to investigate.
To help people determine whether or not their information was compromised by the Raccoon Infostealer, the FBI has launched a website that allows anyone to search the database.
People who had their data stolen will receive an e-mail confirmation with additional information, resources, and connections to the email address they supplied when searching the Raccoon Infostealer Disclosure portal of the United States government.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.
Madalina, a seasoned digital content creator at Heimdal®, blends her passion for cybersecurity with an 8-year background in PR & CSR consultancy. Skilled in making complex cyber topics accessible, she bridges the gap between cyber experts and the wider audience with finesse.
