The US Justice Department announced on Monday that a Ukrainian national has pleaded guilty over his role in the operation of a piece of malware named Raccoon Infostealer.

The individual is 28-year-old Mark Sokolovsky. He was arrested in March 2022 in the Netherlands and extradited to the US in February 2024 to face computer hacking, fraud, identity theft and money laundering charges.

When they arrested Sokolovsky, authorities also dismantled the infrastructure used at the time by Raccoon Stealer, but the malware was later resurrected. 

The Justice Department said Sokolovsky pleaded guilty in a Texas court to one count of conspiracy to commit computer intrusions. As part of the plea agreement, the Ukrainian cybercriminal will forfeit nearly $24,000 and pay more than $910,000 in restitution. 

Raccoon Infostealer emerged in 2018 and Sokolovsky is said to be one of its “key administrators”.

The malware, offered through a malware-as-a-service model, enabled users to steal data from infected devices, including login credentials and financial information, which could be used for financial crimes or be sold to other cybercriminals.

Raccoon Infostealer was leased to malicious actors for $200 per month and it infected millions of computers around the world.

The FBI has set up a website where users can check whether their email address shows up in the data stolen by Raccoon Infostealer.

Related: More LockBit Hackers Arrested, Unmasked as Law Enforcement Seizes Servers

Related: Russian TrickBot Malware Developer Sentenced to Prison in US

Related: Russian Sentenced to Prison in US for Selling Stolen Information

Related: Ukrainian Sentenced to Prison in US for Role in Zeus, IcedID Malware Operations