New variant of Crisis found
Published January 21st, 2014 at 2:12 PM EST, modified January 21st, 2014 at 2:12 PM EST
Intego reported yesterday that they have discovered a new variant of the Crisis malware, which they are calling Crisis.C. The new variant does not yet have a very high detection rate on VirusTotal… perhaps because the code has been obfuscated using MPacker. It is unknown at this time, however, how this malware gets installed.
Crisis, aka Remote Control System DaVinci, is high-priced malware that has been used primarily in targeted attacks by large organizations, such as governments. In all, although it includes some minor new tricks, this malware isn’t much different from previous versions. At the moment, it crashes on Mac OS X 10.8 (Mountain Lion) and 10.9 (Mavericks), though I would guess that this is a bug that will be fixed at some point. The malware is capable of infecting Mac OS X 10.5 (Leopard), 10.6 (Snow Leopard) and 10.7 (Lion).