
Budget-priced RAT is surprisingly effective tool for hackers, say BlackBerry researchers

by Howard Solomon
May 11, 2022
in Security
One of the reasons the number of cyberattacks keeps escalating is that the cost of hacking tools for threat actors keeps dropping. Software-as-a-service offerings are common, but some crooked developers keep the price of their tools low.

According to researchers at BlackBerry, one such tool is an inexpensive remote access trojan (RAT) that has been primarily sold on Russian language underground forums for over two years. Called DarkCrystal RAT (or DCRat for short), it’s a “surprisingly effective homemade tool for opening backdoors on a budget,” they said.

“DCRat is one of the cheapest commercial RATs we’ve ever come across,” the researchers said in a blog released on Monday. “The price for this backdoor starts at 500 RUB (less than US$6) for a two-month subscription, and occasionally dips even lower during special promotions. No wonder it’s so popular with professional threat actors as well as script kiddies.”

The blog is a backgrounder on the trojan and includes details and indicators of compromise that threat hunters could find valuable.

DCRat appears to have been developed and maintained by a single person going by the pseudonyms of “boldenis44,” “crystalcoder,” and Кодер (“Coder”), the researchers said.

It includes a keylogger, and can also steal browser cookies, browser stored passwords, browser stored form content, stored credit cards (via Windows DPAPI & Chrome SQLite Database), clipboard contents, Discord tokens and more. There are also plugins available that enable data exfiltration/credential stealing, system manipulation and cryptocurrency mining.

It also includes what BlackBerry calls primitive, multi-threaded code to perform different forms of denial of service attacks – including HTTP(S) POST, UDP and TCP – against a specific host and endpoint combination.

DCRat’s modular architecture and bespoke plugin framework make it a very flexible option, the researchers said, helpful for a range of nefarious uses. These include surveillance, reconnaissance, information theft, DDoS attacks, as well as dynamic code execution in a variety of different languages. Affiliates can generate their own client plugins, which can be downloaded and used by subscribers.

The DCRat product itself consists of three components:
  • a stealer/client executable;
  • a single PHP page, serving as the command-and-control (C2) endpoint/interface;
  • an administrator tool. The administrator tool is a standalone executable written in the JPHP programming language, an obscure implementation of PHP that runs on a Java virtual machine.
The administrator tool and the backdoor/client are regularly updated with bug fixes and new features.

During recent months, the researchers have often seen DCRat clients being deployed with the use of Cobalt Strike beacons through the Prometheus TDS (traffic direction system). Prometheus is a subscription-based malware service that has been used in many high-profile attacks, the blog says, including campaigns against U.S. government institutions in 2021.

“The biggest, flashiest threat groups might get their name in lights, but they aren’t necessarily the cybercriminals that keep security practitioners up at night,” said BlackBerry. “Miscreants with too much time on their hands can often cause just as much hassle.”

The post Budget-priced RAT is surprisingly effective tool for hackers, say BlackBerry researchers first appeared on IT World Canada.