Remote Access Trojan
DCRat
First seen: 2018-01 • Status: active
Currently Active Threat
DCRat is a cheap Russian hacking tool that criminals can rent. It gives hackers full control over infected computers.
Overview
DCRat is a Russian-origin RAT sold as malware-as-a-service. It is modular and regularly updated with new features.
Also Known As
Dark Crystal RAT, DarkCrystal RAT
How It Spreads
- • Phishing
- • Cracked software
- • Malicious downloads
What It Does
- • Remote access
- • Keylogging
- • Clipboard hijacking
- • File theft
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Monitor for DCRat signatures
- • Watch for suspicious .NET activity
MITRE ATT&CK Techniques
T1056, T1115, T1005
If You're Infected
- 1.
Full antivirus scan
- 2.
Reset credentials
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required