Microsoft has issued a warning about a new piece of malware, StilachiRAT, which poses a threat to cryptocurrency users by stealing data from browsers and cryptocurrency wallets.
Description of StilachiRAT Threat
StilachiRAT is a remote access trojan (RAT) designed to stealthily exfiltrate sensitive data. It targets over 20 cryptocurrency wallets, including MetaMask, Trust Wallet, and others. Once on a device, the malware actively searches for crypto wallets and can remotely execute commands, extract user data, and manipulate system settings.
Malware Operating Mechanism
StilachiRAT monitors clipboard activity, searching for copied cryptographic keys and passwords. The malware can clear logs and detect analysis tools to remain undetected. Key capabilities include gathering device information, such as OS details and active applications, and monitoring RDP sessions to impersonate users.
Recommendations for Protection
Microsoft advises adhering to security measures: download software only from official sources, enable Microsoft Defender real-time protection, and use SmartScreen to block suspicious websites. The tech giant emphasizes the importance of security hardening to prevent initial compromise.
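The following PowerShell audit is an added example, not taken from Microsoft's advisory. It checks the two settings named above on a Windows host and, because the malware is described as clearing logs, also lists recent log-clear events. The 7-day look-back window and the helper name Get-PolicyValue are assumptions; the registry paths are the standard Group Policy locations for SmartScreen.

```powershell
# Added example: defensive audit. Run in an elevated PowerShell session.
$since  = (Get-Date).AddDays(-7)          # look-back window (assumed value)
$report = [System.Collections.Generic.List[object]]::new()

function Add-Result { param($Check, $Status, $Detail = '')
    $report.Add([pscustomobject]@{ Check = $Check; Status = $Status; Detail = $Detail })
}

# Hypothetical helper: read a policy value, $null when it is not configured.
function Get-PolicyValue { param($Path, $Name)
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return $item.$Name
}

# 1. Microsoft Defender real-time protection
$mp = Get-MpComputerStatus
$rtp = if ($mp.RealTimeProtectionEnabled) { 'Enabled' } else { 'DISABLED' }
Add-Result 'Defender real-time protection' $rtp

# 2. SmartScreen, as enforced by policy (Windows shell and Microsoft Edge)
$policies = @(
    @{ Label = 'SmartScreen (Windows)'; Path = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\System'; Name = 'EnableSmartScreen' },
    @{ Label = 'SmartScreen (Edge)';    Path = 'HKLM:\SOFTWARE\Policies\Microsoft\Edge';           Name = 'SmartScreenEnabled' }
)
foreach ($p in $policies) {
    $v = Get-PolicyValue -Path $p.Path -Name $p.Name
    $status = if ($null -eq $v) { 'Not set by policy' }
              elseif ($v -eq 1) { 'Enabled' }
              else              { 'DISABLED' }
    Add-Result $p.Label $status
}

# 3. Log-clear events: Security 1102 (audit log cleared), System 104 (log cleared)
$filters = @(
    @{ LogName = 'Security'; Id = 1102; StartTime = $since },
    @{ LogName = 'System';   Id = 104;  StartTime = $since }
)
foreach ($f in $filters) {
    # Get-WinEvent raises an error when nothing matches; treat that as "none found".
    $events = @(Get-WinEvent -FilterHashtable $f -ErrorAction SilentlyContinue)
    $label  = "Log cleared ($($f.LogName) $($f.Id))"
    if ($events.Count -eq 0) { Add-Result $label 'None found' }
    foreach ($e in $events) { Add-Result $label 'REVIEW' $e.TimeCreated.ToString('s') }
}

$report | Format-Table -AutoSize
```

A "Not set by policy" result means the per-user or default SmartScreen setting applies and should be checked in Windows Security; any REVIEW row should be matched against known administrative activity.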
StilachiRAT poses a significant risk to cryptocurrency users, prompting Microsoft to recommend enhanced security measures to safeguard data against such threats.