
The suspect behind the Raccoon Infostealer malware, who was arrested in the Netherlands, was recently extradited to the United States. The court in The Hague had already ruled last year that the extradition request could be granted.

The extradition by the Netherlands is important for the U.S. intelligence community to bring the Raccoon Infostealer case to a successful conclusion. Mark Sokolovsky was also detained at the request of the FBI.

Sokolovsky brought the case to the Dutch court during his pre-trial detention to evade the U.S. Justice Department’s extradition request. However, the court in The Hague ruled against him because he could not make a plausible case that he would be treated inhumanely in the U.S. In the United States, the hacker could face up to 20 years in prison. Sokolovsky allegedly played a significant part in developing and spreading the Raccoon Infostealer malware.

Raccoon Infostealer malware

The Raccoon Infostealer malware was offered as malware-as-a-service (MaaS) between 2018 and early 2022. The malware cost about $200 per month and was deployed in phishing attacks.

In this way, login credentials that gave access to online banking and crypto wallets were extracted. Other personal data was resold on the dark web. The FBI may not yet have been able to trace all the data stolen via the Raccoon software. Through a special website, individuals can check via their e-mail address whether they may have ever been hacked.

Arrest in the Netherlands

The extradited suspect is possibly one of the masterminds behind the malware. He is said to have been responsible for the development and sales activities. After the Russian invasion of his home country of Ukraine, Sokolovsky fled to the Netherlands.

The cybercriminal was finally found in October 2022. He was located by tracking his phone, through an operational security error made while linking a Gmail account with an iCloud account, and through Instagram posts from his girlfriend.

In addition, the FBI, Dutch, and Italian authorities managed to take the underlying Raccoon infrastructure offline.
