Federal prosecutors have charged a 26-year-old Ukrainian national with operating a malware service that was responsible for stealing sensitive data from more than 2 million individuals around the world.
Prosecutors in Texas said on Tuesday that Mark Sokolovsky, 26, of Ukraine helped operate “Raccoon,” an info stealer program that worked using a model known as MaaS, short for malware-as-a-service. In exchange for about $200 per month in cryptocurrency, Sokolovsky and others behind Raccoon supplied customers with the malware, digital infrastructure, and technical support. Customers would then use the service to infect targets with the malware, which would surreptitiously harvest credentials for email and bank accounts, credit cards, cryptocurrency wallets, and other private information.
First seen in April 2019, Raccoon was able to extract sensitive data from a wide range of applications, including 29 separate Chromium-based browsers, Mozilla-based apps, and cryptocurrency wallets from Exodus and Jaxx. Written in C++, the malware can also take screenshots. Once Raccoon has extracted all data from an infected machine, it uninstalls and deletes all traces of itself.