Microsoft Warns of New Malware, StilachiRAT, Targeting Crypto Wallets

March 21, 2025

2 minutes read

StilachiRAT

StilachiRAT: A Growing Threat to Cryptocurrency Users

Microsoft has identified StilachiRAT, a dangerous remote access trojan (RAT) designed to steal data from cryptocurrency wallets and web browsers. The malware actively scans Google Chrome for wallet extensions, targeting at least 20 digital wallets, including:

  • MetaMask
  • Trust Wallet
  • Phantom
  • Coinbase
  • BNB Chain
  • Bitget Wallet

Once it detects these wallets, StilachiRAT extracts credentials and configuration details, allowing attackers to drain funds from victims’ accounts.

DON’T MISS THIS: IMF Deal: Kenya Seeks New Agreement After Scrapping Latest

How StilachiRAT Steals Crypto Assets

This malware goes beyond simply scanning browser data. StilachiRAT also:

  • Monitors clipboard activity to steal copied cryptocurrency keys and passwords
  • Executes remote commands to control infected devices
  • Clears logs and manipulates registry settings for persistence
  • Uses anti-forensic techniques to evade detection
  • Collects detailed system data, including operating system details and active applications
  • Monitors Remote Desktop Protocol (RDP) sessions, allowing hackers to impersonate users

By combining these tactics, attackers can maintain long-term access to compromised systems, increasing the risk for crypto users.

Microsoft’s Security Recommendations

Although StilachiRAT is not yet widespread, Microsoft warns that proactive defense is crucial. The company advises users to:

  • Download software only from official sources
  • Enable Microsoft Defender real-time protection
  • Turn on cloud-delivered security
  • Utilize SmartScreen to block malicious websites

Crypto Industry Faces Persistent Cyber Threats

The cryptocurrency sector has always been a prime target for cybercriminals. Malware attacks and phishing scams continue to evolve, leading to major security breaches.

In one of the largest hacks to date, the $1.4 billion Bybit attack allegedly began with malware disguised as a fake stock investment platform. Similarly, cybercriminals have used social engineering tactics, such as fake job interviews, to distribute malware.

StilachiRAT’s command-and-control (C2) server allows hackers to launch various attacks, including:

  • System reboots
  • Credential theft
  • Application execution
  • Suspending the system
  • Manipulating Windows registry settings

With such advanced capabilities, StilachiRAT poses a serious threat to crypto holders and businesses.

Final Thoughts

Microsoft’s warning highlights the growing sophistication of malware targeting the crypto industry. Users must remain vigilant, implement strong security measures, and stay informed about emerging threats like StilachiRAT.

Share:
Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments

Related Links

Crypto ATM regulation Australia

Australia’s AUSTRAC Puts Crypto ATM Operators on Notice Over Money Laundering Risks

Australia’s financial crimes watchdog, the Australian Transaction Reports and Analysis Centre (AUSTRAC), has issued a ...

African startup funding

African Startups Cross $2 Billion in Funding as 2025 Brings a Cautious Outlook

African Startup Funding Surpasses $2 Billion Amid Changing Market Trends African startup funding reached a ...

Tecno Camon 40 Premier Unveiled: A Feature-Packed Mid-Ranger with Premium Design

Tecno Camon 40 Premier: A Stunning Mid-Range Contender The Tecno Camon 40 Premier has officially ...

EU response to US tariffs

Olaf Scholz Warns U.S. Against Trade Tariffs, Asserts EU’s Readiness to Retaliate

EU Response to US Tariffs: Olaf Scholz Warns Washington Against Trade War German Chancellor Olaf ...

Latest News

Today in History

April 1st is the day in 1955 that the EOKA rebellion against The British Empire begins in Cyprus, with the goal of obtaining the desired unification ("enosis") with Greece.

Exchange Rate Per Dollar

AM Armenian Dram390.977
GH Ghana Cedi15.5004
GM Gambian Dalasi72
GN Guinea Franc8,652.2
NG Nigerian Naira₦1,533.72
CF CFA Franc BEAC606.963
01 Apr · CurrencyRate · USD
CurrencyRate.Today
Check: 01 Apr 2025 06:05 UTC
Latest change: 01 Apr 2025 06:00 UTC
API: CurrencyRate
Disclaimers. This plugin or website cannot guarantee the accuracy of the exchange rates displayed. You should confirm current rates before making any transactions that could be affected by changes in the exchange rates.
You can install this WP plugin on your website from the WordPress official website: Exchange Rates🚀

YOUR THOUGHTS

Let us know what you think

Contact the People’s Paper with feedback on stories and how we could make wapress.africa even better!

newsletter image

Stay up to date with the latest from West Africa Press

Editorial feedback and complaints

Contact the public editor with feedback for our journalists, complaints, queries or suggestions about articles on WApress.

Subscribe Newsletter!

Be the first to receive our latest contents and more...

Need help?