FBI arrests Ukrainian hacker creator of Raccoon Infostealer malware

Mark Sokolovsky, 26, is under arrest in the Netherlands. He created and “rented” the malicious software that infected over 50 million computers around the world.

A 26-year-old Ukrainian was arrested as part of an international operation conducted by the Brescia Prosecutor’s Office and the Guardia di Finanza, which collaborated with the FBI in the fight against cybercrime.

The 26-year-old, Mark Sokolovsky, imprisoned in the Netherlands last March, is believed to be the creator of a computer virus that has spread internationally: it was he who created and managed the malware known as Raccoon Infostealer, which infected millions of personal computers around the world. According to the US authorities, the Ukrainian citizen, currently detained in the Netherlands following an international arrest warrant issued by the United States, allegedly managed the creation and initial spread of the malware as malware-as-a-service, or “MaaS”, a type of malicious software created on commission for profit.

Criminals interested in using the illegal platform to steal victims’ personal data could use Raccoon Infostealer simply by “renting” access to the malware for about $200 per month, paid in cryptocurrency. To spread the malware, the “renters” adopted various tricks, such as e-mail phishing, to install it on the computers of unsuspecting victims.

In this way, Raccoon Infostealer was able to obtain personal data, including login credentials, financial information and other sensitive personal information. Such information may subsequently have been used to commit other financial crimes or sold to others to commit new crimes, or it may have been exchanged on dark web forums used by cybercriminals.

The FBI, in collaboration with the Public Prosecutor’s Office of Brescia, the Special Unit for the Protection of Privacy and Technological Fraud of the Guardia di Finanza of Rome, and the Dutch police, has dismantled the digital infrastructure supporting Raccoon Infostealer, taking the malware offline.

Through various investigative steps, the FBI collected stolen data from many computers that had been infected with the malware, the number of which has yet to be quantified. But FBI agents have already identified more than 50 million unique credentials and forms of identification (email addresses, bank accounts, cryptocurrency addresses, credit card numbers) among the stolen data. It is therefore assumed that there may be millions of potential victims all over the world, including Italians (the credentials referring only to email addresses seem to exceed four million).

The young Ukrainian hacker, creator of the Raccoon Infostealer malware, awaiting extradition to the United States, is accused of having committed various computer crimes, telematic fraud and money laundering.

The FBI also thanked the Italian authorities for the assistance they gave in the course of the international investigations. It appears, in fact, that in Italy there were servers on which parts of the malicious software were installed, ready for distribution; these servers have been seized.

“This case highlights the importance of the international cooperation that the Justice Department and our partners use to dismantle modern cyber threats,” said US Deputy Attorney General Lisa O. Monaco. “As can be seen from the number of potential victims and the global scale of this attack, cyber threats do not respect borders, which makes international cooperation even more critical. I urge anyone who thinks they may be a victim to follow the FBI’s guidance on how to report their potential exposure.”