Ukrainian Running Malware Service Amassed 50M Credentials

Federal prosecutors have charged a 26-year-old Ukrainian national with operating a malware service that was responsible for stealing sensitive data from more than 2 million individuals around the world.

Prosecutors in Texas said on Tuesday that Mark Sokolovsky, 26, of Ukraine helped operate “Raccoon,” an info stealer program that worked using a model known as MaaS, short for malware-as-a-service. In exchange for about $200 per month in cryptocurrency, Sokolovsky and others behind Raccoon supplied customers with the malware, digital infrastructure, and technical support. Customers would then use the service to infect targets with the malware, which would surreptitiously harvest credentials for email and bank accounts, credit cards, cryptocurrency wallets, and other private information.

First seen in April 2019, Raccoon was able to extract sensitive data from a wide range of applications, including 29 separate Chromium-based browsers, Mozilla-based apps, and cryptocurrency wallets from Exodus and Jaxx. Written in C++, the malware can also take screenshots. Once Raccoon has extracted all data from an infected machine, it uninstalls and deletes all traces of itself.

An indictment unsealed on Tuesday said more than 2 million victims had personal data stolen through Raccoon. To date, prosecutors said they have recovered more than 50 million unique credentials and forms of identification taken in the operation and believe there’s more stolen data that has yet
