Crisis is a rootkit that is also known as Morcut and includes broadly-applicable spyware functions – such as keylogging – along with an impressively-varied set of installation tactics. Unlike most rootkits, Crisis is fully functional for both Windows and Mac OS X environments, besides including installation routines for virtual machines and Windows-based mobile platforms. All variants of Crisis should be considered dangerous and highly-invasive to your PC's privacy, since Crisis can install other PC threats, transfer confidential information to remote attackers or disable important security features. Many PC security companies have developed adequate definitions for Crisis as of the time of this writing and Crisis should be removable by updated anti-malware products, although SpywareRemove.com malware researchers prefer that you avoid falling for Crisis's installation scam (a fake Adobe update) in the first place.
Crisis: A Danger for Most OSes and Quite a Few of the Programs That Reside Within Them
After its installation, Crisis creates a backdoor vulnerability to contact a C&C server. This allows criminals to exercise control over your PC and should be considered a high-level breach of your privacy and security. SpywareRemove.com malware analysts have also noted other attacks by Crisis that can be applied to stealing sensitive information or furthering the contamination of the infected computer, such as:
- Monitoring text, voice and video communications from instant messaging programs like Skype and MSN Messenger.
- Recording keyboard input and even mouse coordinates.
- Taking screenshots.
- Monitoring your webcam and microphone.
- Tracking which websites are visited according to their web addresses.
- Spying on address book entries.
How to Bring an End to This Crisis
Crisis uses rootkit techniques to conceal itself and accomplish many of its attacks, and SpywareRemove.com malware researchers recommend that you use suitably-advanced anti-malware applications to detect and delete Crisis without further problems. Crisis is unlikely to display memory processes or files of its own while Crisis is active, but should be considered open by default unless exceptional measures are taken to disable Crisis. Booting your PC from a clean USB drive, if possible, is recommended.
However, care should be taken when introducing removable devices to a Crisis-infected PC. SpywareRemove.com malware experts have also noted that Crisis includes limited functions to copy itself to removable drives and automatically infect other computers that are exposed to these devices. You should avoid sharing USB drives and other such devices between a Crisis-infected computer and an uninfected system unless you've used anti-malware software to verify that the device is clean.
Use SpyHunter to Detect and Remove PC Threats
If you are concerned that malware or PC threats similar to Crisis may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.
Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.