CompaniesPlatform news

Microsoft Uncovers Crypto-Stealing Malware, StilachiRAT, Targeting 20 Wallet Extensions

Photo of News Desk News Desk Send an email 18 March 2025
1 minute read
blockchain and cybersecurity

Microsoft has identified a new remote access trojan (RAT) designed to target cryptocurrency stored in browser-based wallet extensions. The malware, dubbed StilachiRAT, has the capability to steal credentials, digital wallet information, and sensitive clipboard data, posing a significant threat to crypto users.

A Sophisticated Attack on Crypto Wallets

According to Microsoft’s Incident Response Team, StilachiRAT was first detected in November 2023 and has since been analyzed for its potential risks. In a blog post, Microsoft revealed that the malware scans a device’s settings to detect and compromise up to 20 cryptocurrency wallet extensions.

“Analysis of StilachiRAT’s WWStartupCtrl64.dll module revealed various methods used to extract sensitive data from target systems,” Microsoft stated.

Among its capabilities, StilachiRAT can:

  • Extract credentials stored in Google Chrome’s local state file.
  • Monitor clipboard activity to capture passwords and crypto keys.
  • Evade detection using anti-forensic techniques, such as clearing event logs and checking if it’s running in a sandbox to prevent analysis.

A Stealthy and Evolving Threat

While Microsoft has not yet identified the actors behind StilachiRAT, the company warns that its stealth features and the evolving malware ecosystem make it a significant concern, according to Cointelegraph.

“Based on Microsoft’s current visibility, the malware does not exhibit widespread distribution at this time,” the company noted. “However, due to its stealth capabilities and the rapid changes within the malware ecosystem, we are sharing these findings as part of our ongoing efforts to monitor, analyze, and report on the evolving threat landscape.”

To mitigate the risk, Microsoft advises users to deploy antivirus software, enable cloud-based anti-phishing tools, and use anti-malware components to protect their digital assets.

Rising Crypto Threats in 2024

The discovery of StilachiRAT comes amid a surge in crypto-related cybercrime. According to blockchain security firm CertiK, losses from crypto scams, hacks, and exploits reached nearly $1.53 billion in February, with the $1.4 billion Bybit hack accounting for most of the damage.

Meanwhile, Chainalysis’ 2025 Crypto Crime Report highlights the increasing professionalization of cybercrime, with AI-driven scams, stablecoin laundering, and organized cyber syndicates fueling an illicit transaction volume of $51 billion in the past year.

As threats continue to evolve, Microsoft’s findings underscore the importance of heightened cybersecurity measures in the crypto space.

* Read our disclaimer
Tags
Photo of News Desk News Desk Send an email 18 March 2025
1 minute read
Photo of News Desk

News Desk

UNLOCK Blockchain News Desk is fueled by a passionate team of young individuals deeply immersed in the world of Blockchain and Crypto. Our mission? To keep you, our loyal reader, on the cutting edge of industry news. Drop us a line at info(@)unlock-bc.com to connect with our team and stay ahead of the curve!

Related Articles

solana

Solana Retracts Controversial Ad Just Hours After Release Following Community Backlash

18 March 2025
ripple

Ripple Labs Eyes Crypto Custody Expansion with New Trademark Filing

18 March 2025
Solana

Solana Nears $1 Trillion in Trading Volume as It Marks Its Fifth Anniversary

17 March 2025
ripple dfsa difc UAE middle east MENA crypto payment license crypto news blockchain news

Ripple Secures DFSA License to Offer Crypto Payments in DIFC

13 March 2025
Back to top button