Particle.news

Microsoft Warns of Advanced Malware Targeting Cryptocurrency Wallets

StilachiRAT uses sophisticated techniques to steal credentials from over 20 crypto wallets, including MetaMask and Coinbase Wallet, while evading detection.

  • Microsoft researchers have discovered StilachiRAT, a remote access trojan targeting popular cryptocurrency wallets such as MetaMask, Coinbase Wallet, and Phantom.
  • The malware can extract and decrypt saved credentials, monitor clipboard content for sensitive information, and steal cryptocurrency keys and passwords.
  • StilachiRAT employs advanced anti-forensic techniques, including clearing event logs, to evade detection and persist in infected systems.
  • The malware specifically targets wallets associated with the Tron network, which is widely used in China, raising regional cybersecurity concerns.
  • Although its distribution remains limited, Microsoft has issued mitigation guidelines, including using antivirus software and avoiding unofficial downloads, to reduce risks.