Microsoft has discovered a new Remote Access Trojan (RAT) called StilachiRAT that targets 20 cryptocurrency wallet extensions in the Google Chrome browser. This malware is capable of stealing sensitive information such as credentials, digital wallet data, and clipboard information. StilachiRAT can extract digital currency wallet data by scanning the configurations of wallet extensions including Trust Wallet, MetaMask, Coinbase Wallet, and OKX Wallet. The malware also has evasion and anti-forensic capabilities. Microsoft has not yet identified the operators of this malware, but hopes to reduce the potential number of victims by sharing information publicly. To prevent malware infection, users should utilize antivirus software and cloud-based anti-phishing and anti-malware components.
