Low-rent RAT Worries Researchers

Researchers say a hacker is selling access to quality malware for chump change.

For about the price of a cup of Starbucks latte, a hacker is renting out a remote access trojan designed to backdoor targeted networks.

Dubbed as Dark Crystal RAT (or DCRat), the malware is being peddled online to hackers in Russian by a lone rookie malware writer with a penchant for cut-rate pricing.

“DCRat is one of the cheapest commercial RATs we’ve ever come across. The price for this backdoor starts at ($6) for a two-month subscription, and occasionally dips even lower during special promotions,” according to BlackBerry researchers who published their findings on Monday.


BlackBerry said sales of the budget RAT are being facilitated by the cybercriminal that goes by the name “boldenis44” or “crystalcoder.”

Capabilities of the RAT include a “stealer/client executable”, a single PHP page, which serves as the command-and-control endpoint and an administrator tool.

A Breakdown of DCRat

DCRat is, in some ways, amateurish, researchers assert. “There are certainly programming choices in this threat that point to this being a novice malware author,” they wrote.

“The administrator tool is a standalone executable written in the JPHP programming language, an obscure

Read More: https://threatpost.com/low-rent-rat-worries-researchers/179553/