Ukrainian Cybercriminal Behind Raccoon Infostealer Malware Gets 5-Year Prison Sentence

A Ukrainian national who ran a sophisticated malware-as-a-service operation has been sentenced to 5 years in federal prison and ordered to pay over $910,000 in restitution.

Mark Sokolovsky, 28, pleaded guilty to conspiracy to commit computer intrusion for his role in operating the Raccoon Infostealer malware, which infected millions of computers worldwide and stole sensitive personal data from victims.

The malware, which was offered as a subscription service for $200 per month, allowed cybercriminals to steal credit card information, email credentials, cryptocurrency wallets, and other confidential data from infected computers. According to court documents, the stolen information was then used to commit financial crimes or sold on underground cybercrime forums.

FBI investigators uncovered more than 50 million unique credentials and forms of identification in the stolen data, including email addresses, bank account details, and credit card numbers. The exact number of victims is still being determined, but authorities believe millions of people worldwide were impacted.

Dutch authorities arrested Sokolovsky in March 2022, leading to an international operation by US, Italian, and Dutch law enforcement that successfully dismantled the malware's command and control infrastructure. However, the Raccoon Infostealer operation has since resurfaced under new management.

As part of his plea agreement, Sokolovsky forfeited nearly $24,000 and was ordered to pay restitution exceeding $910,000. U.S. Attorney Jaime Esparza noted that Sokolovsky played a key role in making sophisticated cybercrime accessible even to amateur criminals through his malware service.

The FBI continues to investigate the full scope of the operation, as investigators believe they have not yet recovered all the data stolen through the Raccoon Infostealer campaign. The agency has established resources to help potential victims determine if their information was compromised.