Malware targeting cryptocurrency wallets
Microsoft announced the discovery of the Trojan malware "StilachiRAT," which targets popular cryptocurrency wallets such as "MetaMask," "Phantom," and "Coinbase."
This malware was found in November 2024 and allows attackers to extract credentials stored in the Google Chrome browser, putting cryptocurrency keys and passwords at risk.
The malware employs sophisticated techniques such as clipboard monitoring, evading forensic and antivirus analysis, and clearing event logs, all of which make it harder to detect.
The targeted wallets also include those based on Bitget, Trust, TronLink, OKX, BNB Chain, and Sui, in addition to many other networks.
Information-stealing malware relies on social engineering to deceive users into downloading and executing it.
These tricks range from downloads and showcased functions to fake verification tests that interrupt users while they browse the web.
The opportunity for profit is huge, and the methods criminals use surpass basic security systems and even corporate-level defenses.
While Microsoft confirmed that the spread of "StilachiRAT" is still limited in scope, it warned of the malware's danger due to its stealth capabilities and the rapid evolution of its cyber attack methods.