It could also be that they have an alternative source of funding, or perhaps this is a passion project rather than their main source of income. It could be that they’re simply casting a wide net, trying to get a little money from a lot of maliciously minded people. This price range is a curious feature, as it makes it seem like the author is not particularly profit-driven.
#Dirty deeds done dirt cheap professional#
No wonder it’s so popular with professional threat actors as well as script kiddies. The price for this backdoor starts at 500 RUB (less than 5 GBP/US$6) for a two-month subscription, and occasionally dips even lower during special promotions. Sold predominantly on Russian underground forums, DCRat is one of the cheapest commercial RATs we’ve ever come across. Notably, this threat appears to have been developed and maintained by a single person going by the pseudonyms of “boldenis44,” “crystalcoder,” and Кодер (“Coder”). In fact, this threat actor’s commercial RAT sells at a fraction of the standard price such tools command on Russian underground forums.ĭCRat (also known as DarkCrystal RAT) is a commercial Russian backdoor that was first released in 2018, before being redesigned and relaunched a year later. Unlike the well-funded, massive Russian threat groups crafting custom malware to attack universities, hospitals, small businesses and more, this remote access Trojan (RAT) appears to be the work of a lone actor, offering a surprisingly effective homemade tool for opening backdoors on a budget. In the murky underworld of Russian crimeware, DCRat seems to be a bit of a dark horse.
Update 05.27.22 : An unknown APT group is targeting Russian government entities with at least four separate spear-phishing campaigns since the beginning of the Ukraine conflict.
0 kommentar(er)
