Definition of Crisis/Morcut

Crisis/Morcut is a type of malware, specifically a multi-platform backdoor Trojan, that targets both Mac and Windows operating systems. Once installed, it grants attackers remote access, enabling them to execute commands, steal data, or control the infected device. Its primary functionality focuses on gathering login credentials and personal information from the compromised system.


The phonetics of the keyword “Crisis/Morcut” are as follows:Crisis: /ˈkraɪsɪs/Morcut: /ˈmɔrkət/

Key Takeaways

  1. Crisis/Morcut is a highly sophisticated and stealthy piece of malware designed to infect both Windows and macOS operating systems, targeting users’ personal information and sensitive data.
  2. It has the ability to disguise itself as legitimate applications, making it challenging to detect and remove, and can monitor network connections, record keystrokes, capture audio and video, and exfiltrate data to a remote server.
  3. Protecting against Crisis/Morcut requires a combination of good security practices, such as keeping your operating system and applications up-to-date, using a reputable antivirus solution, being cautious with email attachments and website downloads, and regularly backing up your data.

Importance of Crisis/Morcut

The technology term Crisis/Morcut is important as it refers to a sophisticated malware that targets Mac and Windows operating systems, posing a significant threat to users’ security and privacy.

This malicious software, also known as OSX/Morcut.A or CRILOCK, is notable for its ability to secretly infect computers and remain undetected while carrying out various functions, such as intercepting data, capturing keystrokes, and spying on online activities.

Crisis/Morcut effectively demonstrates the evolving nature of cyber threats and the need for robust cybersecurity measures and increased awareness among users to protect their systems and information from such attacks.


Crisis/Morcut, a notorious piece of malware, emerged in the world of cybersecurity with a primary goal of compromising the user’s sensitive data and gaining unauthorized access to their systems. Exhibiting advanced features and evasion techniques, this malware is predominantly used for spying purposes.

Once installed, it actively monitors the user’s activity, infiltrates communications, tracks and records keystrokes, captures screenshots, and exfiltrates data to the attackers. Notably, Crisis/Morcut has been discovered to target various operating systems, such as Windows and Mac, significantly widening its impact and victim base.

Apart from its surveillance capabilities, Crisis/Morcut is also known for its resilience. By exploiting a range of advanced techniques, it is able to bypass security measures and avoid detection by antivirus software.

For instance, it leverages rootkit functionalities to hide from security solutions, employs encryption to communicate with its command and control server, and adopts a polymorphic structure to evade signature-based antivirus scanners. As a result, this malicious software remains a significant threat to individuals and organizations, underlining the importance of advanced threat intelligence and robust security solutions to mitigate the risks associated with Crisis/Morcut.

Examples of Crisis/Morcut

Crisis/Morcut, also known as Malware.OSX.Morcut.A, is a piece of malware that targets macOS and Windows operating systems. It first appeared in 2012 and is known for being highly stealthy and able to affect various components of the operating system for its malicious purposes.Three real-world examples of Crisis/Morcut technology are:

Gathering user information: In 2012, Crisis/Morcut was discovered targeting macOS users on social media platforms to gather user information. This malware was able to infiltrate the victims’ systems and record keystrokes, take screenshots, access private files, and even enable remote desktop functionality on the compromised devices. The hackers could use this information to create a comprehensive profile of the victims, which could lead to identity theft, financial fraud, and other malicious activities.

Uncovering a global spy network: During the initial discovery of Crisis/Morcut, researchers identified its connections to a sophisticated global spy network known as The Mask (or Careto). The network targeted governmental institutions, research facilities, and private individuals in various countries, including the United States and Europe. Crisis/Morcut technology acted as one of the components in this network, gathering important data and providing backdoor access to the infected systems.

Affected Bundlore adware: In 2020, researchers discovered an upgraded version of the macOS Bundlore adware that implemented a range of new features, including sandbox detection, evasion techniques, and additional system checks. Some of these upgrades and evasion techniques are reminiscent of the Crisis/Morcut malware, indicating that its influence and presence may continue to evolve in contemporary threats. This development exemplifies how certain hacking techniques may continue to reappear in newer forms over time.


FAQ: Crisis/Morcut

1. What is Crisis/Morcut?

Crisis/Morcut is a multi-platform malware threat that targets both Windows and macOS operating systems. It is designed to infiltrate infected systems, steal sensitive information, and provide remote access for the attacker. It is also known as OSX/Morcut, and is a versatile and dangerous malware strain that can pose a significant threat to those affected by it.

2. How does the Crisis/Morcut malware spread?

Crisis/Morcut typically spreads through malicious attachments in phishing emails or compromised downloads from illegitimate websites. The malware disguises itself as a legitimate application or file, tricking users into installing it onto their computer. Additionally, it may exploit vulnerabilities in outdated software to automatically deploy itself on vulnerable systems.

3. What are the symptoms of a Crisis/Morcut infection?

Signs of a Crisis/Morcut infection may be subtle, as the malware is designed to operate stealthily. Users may experience sudden slowdowns in computer performance, unusual network activity, or suspicious behavior from seemingly legitimate applications. Unexplained file or data loss can also be an indication of a Crisis/Morcut infection.

4. How can I protect my computer against Crisis/Morcut?

To safeguard your computer against Crisis/Morcut, follow safe browsing practices such as not downloading files from untrusted sources and avoiding suspicious email attachments. Regularly update your operating system and software to patch any potential vulnerabilities that the malware could exploit. Install, update, and regularly run a reputable antivirus program that is capable of detecting and removing malware threats like Crisis/Morcut.

5. How can I remove Crisis/Morcut from my computer?

If you suspect that you have a Crisis/Morcut infection, you should perform a full system scan using a reputable antivirus program. This should detect and remove all traces of the malware from your system. Additionally, be prepared to backup your important files and consider reinstalling the operating system if the infection is severe or stubbornly persistent.


Related Technology Terms


  • Malware
  • Remote Access Trojan (RAT)
  • Cybersecurity
  • Mac OS X Threats
  • Backdoor


Sources for More Information


About The Authors

The DevX Technology Glossary is reviewed by technology experts and writers from our community. Terms and definitions continue to go under updates to stay relevant and up-to-date. These experts help us maintain the almost 10,000+ technology terms on DevX. Our reviewers have a strong technical background in software development, engineering, and startup businesses. They are experts with real-world experience working in the tech industry and academia.

See our full expert review panel.

These experts include:


About Our Editorial Process

At DevX, we’re dedicated to tech entrepreneurship. Our team closely follows industry shifts, new products, AI breakthroughs, technology trends, and funding announcements. Articles undergo thorough editing to ensure accuracy and clarity, reflecting DevX’s style and supporting entrepreneurs in the tech sphere.

See our full editorial policy.

More Technology Terms

Technology Glossary

Table of Contents