Microsoft has identified a new remote access trojan (RAT) named StilachiRAT, which specifically targets cryptocurrency wallets and browser-stored credentials. The company’s Incident Response Team first detected the malware in November 2024 and has now issued a public warning to help mitigate its impact before it spreads further.
According to Microsoft’s analysis, StilachiRAT is designed to steal sensitive information, including credentials stored in the Google Chrome browser, clipboard data, and digital wallet information. The malware scans infected systems for crypto wallet extensions such as MetaMask, Coinbase Wallet, Trust Wallet, and OKX Wallet, making it a direct threat to crypto holders.
Once deployed, the malware can extract saved credentials, monitor clipboard activity for private keys and passwords, and establish communication with a remote command-and-control (C2) server.
It uses advanced evasion tactics, including clearing event logs and checking for sandbox environments to prevent detection. Microsoft has not yet attributed the malware to a specific group or region, but its stealth capabilities indicate a sophisticated actor behind its development.
While StilachiRAT has not yet reached widespread distribution, Microsoft warns that its ability to operate undetected makes it a serious risk. The company recommends using updated antivirus software, cloud-based anti-phishing tools, and strong endpoint security to mitigate potential threats.
The discovery of StilachiRAT comes amid a broader rise in crypto-related cybercrime. Recent reports from blockchain security firm CertiK revealed that losses from hacks, scams, and exploits in February alone totaled nearly $1.53 billion, with the Bybit hack accounting for a significant portion.
Meanwhile, Chainalysis’ 2025 Crypto Crime Report highlights an ongoing shift toward AI-driven scams, stablecoin laundering, and organized cybercrime networks, with illicit crypto transactions surpassing $51 billion over the past year.
Singapore, 9th May 2025, ZEX PR WIRE, WEMIX, the blockchain-powered gaming platform by WEMADE, has…
The second day of the annual event put the spotlight on governments, with top officials…
Dubai, UAE, 8th May 2025, ZEX PR WIRE, SANS Institute, the global leader in cybersecurity training…
Industry-First Solution Sets a New Standard for Attack Surface Reduction and Endpoint Security Through Dynamic,…
Engineering Enterprise Resilience with the Latest OT Cybersecurity Solutions Dubai, UAE, 8th May 2025, ZEX…
The company reinforces its leadership by scaling regional support, strengthening alliances and empowering local customers…