OFFICIAL SECURITY BLOG

New variant of Crisis found

Published January 21st, 2014 at 2:12 PM EST, modified January 21st, 2014 at 2:12 PM EST

Intego reported yesterday that they have discovered a new variant of the Crisis malware, which they are calling Crisis.C. The new variant does not yet have a very high detection rate on VirusTotal… perhaps because the code has been obfuscated using MPacker. It is unknown at this time, however, how this malware gets installed.

Crisis, aka Remote Control System DaVinci, is high-priced malware that has been used primarily in targeted attacks by large organizations, such as governments. In all, although it includes some minor new tricks, this malware isn’t much different from previous versions. At the moment, it crashes on Mac OS X 10.8 (Mountain Lion) and 10.9 (Mavericks), though I would guess that this is a bug that will be fixed at some point. The malware is capable of infecting Mac OS X 10.5 (Leopard), 10.6 (Snow Leopard) and 10.7 (Lion).
