Microsoft has raised an alarm over newly identified malware, StilachiRAT, designed to infiltrate cryptocurrency wallets and steal sensitive browser data.
The remote access trojan (RAT) is equipped with advanced evasion techniques, making it a serious threat to digital asset holders.
According to Microsoft, StilachiRAT specifically scans for wallet extensions in Google Chrome, compromising over 20 wallets, including widely used platforms like MetaMask and Coinbase. Once it identifies these extensions, the malware extracts credentials and configuration details, giving cybercriminals access to victims’ funds. It also monitors clipboard activity, searching for cryptocurrency keys or passwords, further increasing the security risks.
Beyond financial theft, StilachiRAT enables attackers to execute remote commands, manipulate registry settings, and clear system logs to maintain persistent access. The malware also conducts reconnaissance on infected devices, gathering detailed system information while employing anti-forensic techniques to evade detection.
Microsoft has advised users to take precautionary measures, as the malware can spread through various attack methods. To reduce risks, users are encouraged to download software only from trusted sources, enable Microsoft Defender real-time protection, and activate SmartScreen to block malicious websites.
Cyberattacks targeting cryptocurrency wallets have become increasingly sophisticated, with hackers continuously refining their methods to exploit security loopholes. The emergence of StilachiRAT underscores the ongoing threats facing the digital asset industry, highlighting the need for stronger cybersecurity measures among users and organizations.