On Monday, Microsoft issued a critical warning about a newly identified malware, StilachiRAT, which targets cryptocurrency wallets and steals sensitive browser data, including information from Google Chrome.
According to the company website, the malware was described as a remote access trojan (RAT). It employs advanced techniques to evade detection and extract credentials from at least 20 popular wallet extensions, such as MetaMask, Trust Wallet, Coinbase, and Phantom.
Read also: Microsoft announces $297 million investment in AI and cloud computing in South Africa
StilachiRAT potential threat to crypto users
Once installed, StilachiRAT has the power to scan for wallet extensions, extract login credentials, and monitor clipboard activity to capture cryptocurrency keys or passwords.
“StilachiRAT poses a significant risk to digital asset holders by enabling attackers to drain funds from victims’ wallets,” Microsoft stated. The malware also uses anti-forensic techniques, such as clearing event logs and delaying execution, to bypass security defences.
In addition to stealing wallet data, StilachiRAT collects detailed system information, including hardware identifiers and active Remote Desktop Protocol (RDP) sessions. This allows attackers to impersonate users and spread across networks. Microsoft further emphasised that while the malware is not yet widespread, its stealth nature makes it a serious concern.
To mitigate risks, Microsoft advised users to download software only from official sources, enable Microsoft Defender’s real-time protection, and utilise SmartScreen to block malicious websites. “Malware like StilachiRAT can be installed through multiple vectors; therefore, it is critical to implement security hardening measures to prevent the initial compromise,” the company warned.
The discovery calls attention to the increasing advance of cyberattacks targeting the crypto industry. As hackers refine their tactics, users are urged to remain vigilant. “The evolving threat landscape demands proactive measures to safeguard digital assets,” Microsoft added.
This warning comes amid a surge in crypto-related cybercrime, with losses reaching billions annually. Malaysian authorities just recently under the Commercial Crime Investigation Department (CCID) have also echoed these concerns, urging citizens to be cautious of online crypto investments and to remain vigilant against fraudulent schemes.
Read also: How Microsoft Copilot enhances La Liga’s Beyond Statistics
About Microsoft
Microsoft Corporation is a multinational technology company headquartered in Redmond, Washington. Founded by Bill Gates and Paul Allen in 1975, it is one of the world’s largest software companies, best known for its Windows operating system, Microsoft Office suite, and cloud computing services via Microsoft Azure.
The company also develops hardware, including the Surface lineup and Xbox gaming consoles.
Leave a Reply