Microsoft Warns of New Malware, StilachiRAT, Targeting Crypto Wallets

March 21, 2025


StilachiRAT: A Growing Threat to Cryptocurrency Users

Microsoft has identified StilachiRAT, a dangerous remote access trojan (RAT) designed to steal data from cryptocurrency wallets and web browsers. The malware actively scans Google Chrome for wallet extensions, targeting at least 20 digital wallets, including:

  • MetaMask
  • Trust Wallet
  • Phantom
  • Coinbase
  • BNB Chain
  • Bitget Wallet

Once it detects these wallets, StilachiRAT extracts credentials and configuration details, allowing attackers to drain funds from victims’ accounts.


How StilachiRAT Steals Crypto Assets

This malware goes beyond simply scanning browser data. StilachiRAT also:

  • Monitors clipboard activity to steal copied cryptocurrency keys and passwords
  • Executes remote commands to control infected devices
  • Clears logs and manipulates registry settings for persistence
  • Uses anti-forensic techniques to evade detection
  • Collects detailed system data, including operating system details and active applications
  • Monitors Remote Desktop Protocol (RDP) sessions, allowing hackers to impersonate users

By combining these tactics, attackers can maintain long-term access to compromised systems, increasing the risk for crypto users.

Microsoft’s Security Recommendations

Although StilachiRAT is not yet widespread, Microsoft warns that proactive defense is crucial. The company advises users to:

  • Download software only from official sources
  • Enable Microsoft Defender real-time protection
  • Turn on cloud-delivered security
  • Utilize SmartScreen to block malicious websites
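
The Defender and SmartScreen recommendations above can be checked on a Windows host with the audit below. This is an added example, not a script from Microsoft or from the original article; the function name Test-DefenderBaseline is hypothetical, and it assumes Windows 10/11 with Microsoft Defender Antivirus and an elevated PowerShell session.

```powershell
# Added example: audit the settings recommended in the list above.
# Test-DefenderBaseline is a hypothetical name, not a built-in cmdlet.
function Test-DefenderBaseline {
    $status = Get-MpComputerStatus
    $pref   = Get-MpPreference

    # Real-time protection: the running state and the stored preference must agree.
    $rtp = $status.RealTimeProtectionEnabled -and -not $pref.DisableRealtimeMonitoring

    # Cloud-delivered protection: MAPSReporting 0 = off, 1 = basic, 2 = advanced.
    $cloud = $pref.MAPSReporting -ne 0

    # SmartScreen for apps and files: a Group Policy value wins over the local
    # setting; if neither value exists, report the state as not configured.
    $policy = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\System' `
                  -Name EnableSmartScreen -ErrorAction SilentlyContinue
    $local  = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer' `
                  -Name SmartScreenEnabled -ErrorAction SilentlyContinue
    if ($null -ne $policy) {
        $smartScreen = $policy.EnableSmartScreen -eq 1
    } elseif ($null -ne $local) {
        $smartScreen = $local.SmartScreenEnabled -ne 'Off'
    } else {
        $smartScreen = $null
    }

    $checks = [ordered]@{
        'Real-time protection'       = $rtp
        'Cloud-delivered protection' = $cloud
        'SmartScreen (apps/files)'   = $smartScreen
    }
    foreach ($name in $checks.Keys) {
        $value = $checks[$name]
        if ($null -eq $value) { $state = 'Not configured' }
        elseif ($value)       { $state = 'Enabled' }
        else                  { $state = 'DISABLED' }
        [pscustomobject]@{ Setting = $name; State = $state }
    }
}

Test-DefenderBaseline | Format-Table -AutoSize
```

Where a setting reports DISABLED and is not locked by policy, `Set-MpPreference -DisableRealtimeMonitoring $false` and `Set-MpPreference -MAPSReporting Advanced` turn the first two back on.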

Crypto Industry Faces Persistent Cyber Threats

The cryptocurrency sector has always been a prime target for cybercriminals. Malware attacks and phishing scams continue to evolve, leading to major security breaches.

In one of the largest hacks to date, the $1.4 billion Bybit attack allegedly began with malware disguised as a fake stock investment platform. Similarly, cybercriminals have used social engineering tactics, such as fake job interviews, to distribute malware.

Through StilachiRAT’s command-and-control (C2) server, hackers can launch various actions on infected machines, including:

  • System reboots
  • Credential theft
  • Application execution
  • Suspending the system
  • Manipulating Windows registry settings

With such advanced capabilities, StilachiRAT poses a serious threat to crypto holders and businesses.

Final Thoughts

Microsoft’s warning highlights the growing sophistication of malware targeting the crypto industry. Users must remain vigilant, implement strong security measures, and stay informed about emerging threats like StilachiRAT.
