The Crisis module is enabled (automatically or upon a specific action) and recognizes dangerous situations on the machine that may disclose the agent’s presence on the device (i.e.: a network sniffer running). Synchronization and all commands can be temporarily disabled.
This module increases the level of stealthness against protection software.
NOTE: Crisis can be enabled by default on the desktop device to allow the agent to automatically detect dangerous situations, and act accordingly (ie. going silent).
The Crisis module is used to suspend activities that make heavy use of battery power. Based on its settings, this module can temporarily disable some functions.
On a mobile device, the Crisis module must be explicitly started by a specific action (i.e.: agent is started when the battery level is too low) and stopped when the anomalous situation terminates.
NOTE: this module does not create evidence.
On Desktops, the default settings should not be changed unless otherwise suggested by RCS Support Team.
Field | Description |
---|---|
Inhibit network |
Inhibits synchronization when potentially dangerous processes are running. |
Inhibitors (network) | List of processes that, if running, will prevent synchronization. |
Inhibit Hooking | Inhibits program hooking when potentially dangerous processes are running. |
Inhibitors (Hooking ) | List of processes that, if running, will prevent hooking. |
Process | Process to be added to the list. |
In the Mobile version, the functions to be blocked can be specified:
Field | Description |
---|---|
Microphone | if selected, it prevents Mic audio recording |
Calls | if selected, it prevents Call audio recording |
Camera | if selected, it prevents Camera snapshots |
Position | if selected, it prevents GPS use |
Synchronization |
if selected, it prevents synchronization Warning: highly hazardous operation! Before preventing synchronization please contact HackingTeam support service! You agent may be permanently lost |
RCS9.5 | User manual | © COPYRIGHT 2014