{"id":23977,"date":"2024-02-28T10:56:06","date_gmt":"2024-02-28T18:56:06","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2024\/02\/28\/news-17707\/"},"modified":"2024-02-28T10:56:06","modified_gmt":"2024-02-28T18:56:06","slug":"news-17707","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2024\/02\/28\/news-17707\/","title":{"rendered":"Raccoon Infostealer operator extradited to the United States"},"content":{"rendered":"\n<p>A Ukrainian national, Mark Sokolovsky, has been indicted for crimes related to fraud, money laundering and aggravated identity theft and extradited to the United States from the Netherlands, the US Attorney\u2019s Office of the Western District of Texas has <a href=\"https:\/\/www.justice.gov\/usao-wdtx\/pr\/ukrainian-national-extradited-us-alleged-cybercrimes\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">announced<\/a>.<\/p>\n<p>In March 2022, around the same time as Sokolovsky\u2019s arrest by Dutch authorities, the FBI and law enforcement partners in Italy and the Netherlands dismantled the digital infrastructure supporting the Raccoon Infostealer, taking its then-existing version offline.<\/p>\n<p>On September 13, 2022, the Amsterdam District Court ordered Sokolovsky\u2019s extradition to Texas, where\u00a0<a href=\"https:\/\/www.justice.gov\/usao-wdtx\/page\/file\/1546636\/download\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">many of his victims were located<\/a>. After Sokolovsky\u2019s <a href=\"https:\/\/uitspraken.rechtspraak.nl\/details?id=ECLI:NL:RBDHA:2023:12039\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">appeal was dismissed<\/a> in June of 2023, the extradition could take place.<\/p>\n<p>Sokolovsky is suspected of operating the Raccoon Infostealer as a malware-as-a-service (MaaS). 
This means criminals intent on stealing information could \u201chire\u201d the malware and the infrastructure to steal data from victim computers.<\/p>\n<p>For this reason, Sokolovsky is charged with one count of conspiracy to commit fraud and related activity in connection with computers; one count of conspiracy to commit wire fraud; one count of conspiracy to commit money laundering; and one count of aggravated identity theft. He made his initial court appearance on February 9 and is being held in custody pending trial. If convicted, he faces a maximum of 20 years for wire fraud and money laundering, five years for computer fraud charges, and a mandatory two-year term for identity theft offenses.<\/p>\n<p>The Raccoon Infostealer operation is a tightly run ship, to the extent that customers have digital signatures tied to their executables. If files end up on malware scanning services, the malware authors know exactly where the leak originated.<\/p>\n<p>Raccoon\u2019s two most popular delivery methods are phishing campaigns (the tried-and-tested malicious Word document\/Macro combination) and exploit kits. Once data is located on the target system, it is eventually placed into a .zip file and sent to the malware Command and Control (C&amp;C) server.<\/p>\n<p>The main targets of the stealer are credit card data, autofill entries, browser passwords, and cryptocurrency wallets.<\/p>\n<p>The FBI identified at least 50 million unique credentials stolen by Raccoon Infostealer from victims worldwide. Because of this, the agency has created a dedicated website,\u00a0<a href=\"https:\/\/raccoon.ic3.gov\/home\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">raccoon.ic3.gov<\/a>, where potential victims can check if their data has been stolen. All they need to do is enter their email address. 
Note, however, that the website only contains data for US-based victims.\u00a0<\/p>\n<p>The FBI also encourages potential victims to fill out a detailed complaint and share the harm the malware caused them at the&nbsp;<a href=\"https:\/\/www.ic3.gov\/Home\/FileComplaint\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">FBI\u2019s Crime Complaint Center (IC3)<\/a>.<\/p>\n<p><a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2024\/02\/raccoon-infostealer-operator-extradited-to-the-united-states\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p> A Ukrainian national that is being accused of operating the Raccoon Infostealer in a Malware-as-a-Service has been extradited to the US. <\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[32,23351,19665],"class_list":["post-23977","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-news","tag-raccoon","tag-stealer"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/23977","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=23977"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/23977\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=23977"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?po
st=23977"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=23977"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}