{
	"id": "7f5e37ae-60eb-4cd3-bff2-9a8215805480",
	"created_at": "2026-04-10T03:21:22.990347Z",
	"updated_at": "2026-04-10T03:22:17.295082Z",
	"deleted_at": null,
	"sha1_hash": "039528c78f4b8d71cd4b12deaa9a8dbe62961f80",
	"title": "Newly Unsealed Indictment Charges Ukrainian National with International Cybercrime Operation",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 48182,
	"plain_text": "Newly Unsealed Indictment Charges Ukrainian National with\r\nInternational Cybercrime Operation\r\nPublished: 2022-10-25 · Archived: 2026-04-10 02:36:01 UTC\r\nAUSTIN – A newly unsealed federal grand jury indictment charges Mark Sokolovsky, 26, a Ukrainian national,\r\nfor his alleged role in an international cybercrime operation known as Raccoon Infostealer, which infected\r\nmillions of computers around the world with malware.\r\nAccording to court documents, Sokolovsky, who is currently being held in the Netherlands pursuant to an\r\nextradition request by the United States, conspired to operate the Raccoon Infostealer as a malware-as-a-service or\r\n“MaaS.” Individuals who deployed Raccoon Infostealer to steal data from victims leased access to the malware\r\nfor approximately $200 per month, paid for by cryptocurrency. These individuals used various ruses, such as\r\nemail phishing, to install the malware onto the computers of unsuspecting victims. Raccoon Infostealer then stole\r\npersonal data from victim computers, including log-in credentials, financial information, and other personal\r\nrecords. Stolen information was used to commit financial crimes or was sold to others on cybercrime forums. \r\nIn March 2022, concurrent with Sokolovsky’s arrest by Dutch authorities, the FBI and law enforcement partners\r\nin Italy and the Netherlands dismantled the digital infrastructure supporting the Raccoon Infostealer, taking its\r\nthen existing version offline.\r\nThrough various investigative steps, the FBI has collected data stolen from many computers that cyber criminals\r\ninfected with Raccoon Infostealer. While an exact number has yet to be verified, FBI agents have identified more\r\nthan 50 million unique credentials and forms of identification (email addresses, bank accounts, cryptocurrency\r\naddresses, credit card numbers, etc.) in the stolen data from what appears to be millions of potential victims\r\naround the world. The credentials appear to include over four million email addresses. The United States does not\r\nbelieve it is in possession of all the data stolen by Raccoon Infostealer and continues to investigate.\r\nThe FBI has created a website where anyone can input their email address to determine whether it is contained\r\nwithin the U.S. government’s repository of Raccoon Infostealer stolen data. The website is raccoon.ic3.gov. If the\r\nemail address is within the data, the FBI will send an email to that address notifying the user.  Potential victims are\r\nencouraged to fill out a detailed complaint and share any financial or other harm experienced from their\r\ninformation being stolen at FBI’s Internet Crime Complaint Center (IC3) at ic3.gov/Home/FileComplaint.\r\n“This case highlights the importance of the international cooperation that the Department of Justice and our\r\npartners use to dismantle modern cyber threats,” said Deputy Attorney General Lisa O. Monaco. “As reflected in\r\nthe number of potential victims and global breadth of this attack, cyber threats do not respect borders, which\r\nmakes international cooperation all the more critical. I urge anyone who thinks they could be a victim to follow\r\nthe FBI’s guidance on how to report your potential exposure.”\r\n“I applaud the hard work of the agents and prosecutors involved in this case as well as our international partners\r\nfor their efforts to disrupt the Raccoon Infostealer and gather the evidence necessary for indictment and\r\nhttps://www.justice.gov/usao-wdtx/pr/newly-unsealed-indictment-charges-ukrainian-national-international-cybercrime-operation\r\nPage 1 of 3\n\nnotification to potential victims,” U.S. Attorney Ashley C. Hoff said. “This type of malware feeds the cybercrime\r\necosystem, harvesting valuable information and allowing cyber criminals to steal from innocent Americans and\r\ncitizens around the world. I urge the public to visit the FBI’s Raccoon Infostealer website, find out if their email is\r\nwithin the stolen data, and file a victim complaint through the FBI’s IC3 website.”\r\n“Today’s case is a further reminder the FBI will relentlessly pursue and bring to justice cyber criminals who seek\r\nto steal from the American public,” said FBI Deputy Director Paul Abbate. “We have once again leveraged our\r\nunique authorities, world-class capabilities, and enduring international partnerships to maximize impact against\r\ncyber threats. We will continue to use all available resources to disrupt these attacks and protect American\r\ncitizens. If you believe you’re a victim of this cybercrime, we urge you to visit raccoon.ic3.gov.”\r\n“This case highlights the FBI’s unwavering commitment to work closely with our law enforcement and private\r\nsector partners around the world to hold cybercriminals accountable for their actions and protect the American\r\npeople from cybercrime,” said FBI Special Agent in Charge Oliver E. Rich Jr. “This case also serves as a reminder\r\nto public and private sector organizations of the importance to report internet crime and cyber threats to law\r\nenforcement as soon as possible. Working together is the only way we’re going to stay ahead of rapidly\r\nchanging cyber threats.\"\r\n“This indictment demonstrates the resolve and close cooperation of the Army Criminal Investigation Division and\r\nthe FBI working jointly to protect and defend the United States,” stated Special Agent in Charge Marc Martin,\r\nArmy CID’s Cyber Field Office. “Army CID would also like to thank our law enforcement partners in Italy and\r\nthe Netherlands.”   \r\nSokolovsky is charged with one count of conspiracy to commit computer fraud and related activity in connection\r\nwith computers; one count of conspiracy to commit wire fraud; one count of conspiracy to commit money\r\nlaundering; and one count of aggravated identity theft. The Amsterdam District Court issued a decision on\r\nSeptember 13, 2022, granting the defendant’s extradition to the United States. Sokolovsky has appealed that\r\ndecision.\r\nIf convicted, Sokolovsky faces a maximum penalty of 20 years in prison for the wire fraud and money laundering\r\noffenses, five years for the conspiracy to commit computer fraud charge, and a mandatory consecutive two-year\r\nterm for the aggravated identity theft offense. A federal district court judge will determine any sentence after\r\nconsidering the U.S. Sentencing Guidelines and other statutory factors.\r\nThe FBI’s Austin Cyber Task Force, with the assistance of the Department of the Army Criminal Investigation\r\nDivision (Army CID), is investigating the case. The FBI Austin Cyber Task Force is supported by Army CID,\r\nAustin Police Department, the Naval Criminal Investigative Service, the Round Rock Police Department and the\r\nTexas Department of Public Safety.\r\nVictims of the Raccoon Infostealer can find more information at www.justice.gov/usao-wdtx/victim-assistance-raccoon-infostealer. Assistant U.S. Attorneys Michael C. Galdo and G. Karthik Srinivasan are prosecuting the\r\ncase. The Department of Justice’s Office of International Affairs is assisting with foreign evidence requests and\r\nthe extradition request.\r\nhttps://www.justice.gov/usao-wdtx/pr/newly-unsealed-indictment-charges-ukrainian-national-international-cybercrime-operation\r\nPage 2 of 3\n\nU.S. Attorney Hoff and Special Agent in Charge Rich would also like to thank the FBI Legal Attachés in Rome,\r\nThe Hague, and Warsaw for their assistance in the investigation and disruption of the Raccoon Infostealer, along\r\nwith the following foreign partners: Ministry of Justice of Italy; Special Unit for the Protection of Privacy and\r\nTechnological Fraud of the Italian Guardia di Finanza; Procura della Repubblica di Brescia; the Netherlands\r\nMinistry of Justice and Security; Netherlands Police; and Netherlands Public Prosecution Service.\r\nAn indictment is merely an allegation and the defendant is presumed innocent until proven guilty beyond a\r\nreasonable doubt in a court of law.\r\n###\r\nSource: https://www.justice.gov/usao-wdtx/pr/newly-unsealed-indictment-charges-ukrainian-national-international-cybercrime-operation\r\nhttps://www.justice.gov/usao-wdtx/pr/newly-unsealed-indictment-charges-ukrainian-national-international-cybercrime-operation\r\nPage 3 of 3",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"references": [
		"https://www.justice.gov/usao-wdtx/pr/newly-unsealed-indictment-charges-ukrainian-national-international-cybercrime-operation"
	],
	"report_names": [
		"newly-unsealed-indictment-charges-ukrainian-national-international-cybercrime-operation"
	],
	"threat_actors": [],
	"ts_created_at": 1775791282,
	"ts_updated_at": 1775791337,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/039528c78f4b8d71cd4b12deaa9a8dbe62961f80.pdf",
		"text": "https://archive.orkl.eu/039528c78f4b8d71cd4b12deaa9a8dbe62961f80.txt",
		"img": "https://archive.orkl.eu/039528c78f4b8d71cd4b12deaa9a8dbe62961f80.jpg"
	}
}