"Beware: This Cheap and ‘Homemade’ DCRat Malware Is Surprisingly Effective"

DCRat malware provides complete backdoor access to Windows systems. This backdoor malware has existed since 2018 but has been redesigned and relaunched multiple times. It is being sold on several Russian-speaking underground forums for as little as $5 and is said to be the work of one person. When malware is inexpensive, it is often found to have limited capabilities, but DCRat is equipped with various functions. It is capable of stealing usernames, passwords, credit card details, browser history, Telegram login credentials, Steam accounts, Discord tokens, clipboard contents, and more. DCRat also has a keystroke-logging capability to record anything the victim types, thus giving the malicious actors behind the malware full access to nearly everything the victim does after downloading it. According to researchers at BlackBerry, DCRat is written in the JPHP programming language, which is an implementation of PHP that runs on a Java virtual machine. JPHP is considered easy to use and flexible as it is often used by cross-platform game developers, making it an appealing language for developing and updating malware. The researchers say that minor updates and fixes for DCRat are announced almost every day. They warn that DCRat malware is a significant cybersecurity threat because it enables criminals to steal large amounts of information from individuals and organizations while continuously being updated with new capabilities. This article continues to discuss the capabilities, development, and availability of the DCRat malware, and how it can be avoided.   

ZDNet reports "Beware: This Cheap and ‘Homemade’ DCRat Malware Is Surprisingly Effective"