Abstract: Microsoft warns of StilachiRAT, a malware stealing data from major crypto wallets. Stay protected with antivirus measures against this evolving threat.
Microsoft has issued an alert about StilachiRAT, a new malware threat aimed at stealing personal data from 20 of the most popular cryptocurrency wallets that function as Google Chrome extensions. This warning comes from Microsoft's Incident Response team, which has been closely monitoring the malware's activity since its discovery in November 2024.
StilachiRAT is especially harmful because of its ability to avoid detection and remain operational on compromised computers. It targets popular crypto wallets such as MetaMask, Coinbase Wallet, Phantom, OKX Wallet, and BNB Chain Wallet. The malware may exfiltrate sensitive information, such as crypto wallet credentials and saved browser passwords, putting users at risk.
While the malware has not spread far, Microsoft has been unable to identify the source of the attack. To limit the danger, the company emphasizes the importance of antivirus protection and other security measures. “Due to its stealth capabilities and the rapid changes within the malware ecosystem, we are sharing these findings as part of our ongoing efforts to monitor, analyze, and report on the evolving threat landscape,” the team wrote on its website.
Microsoft is still monitoring StilachiRAT's evolution and has advised users to exercise caution when managing Bitcoin wallets or saving passwords in their browsers. This warning is part of a larger effort to keep people informed about the most recent cybersecurity threats.
It is not the first time in 2024 that sophisticated malware has made the news. Earlier this year, North Korean hackers allegedly produced malware that evaded Apple's security measures. This was the first known case of malware breaking Apple's macOS operating system using a specific approach; however, it does not function on fully updated systems.
Jamf researchers revealed that malicious applications created in Go and Python with Google's Flutter toolkit went undetected by Microsoft's VirusTotal scanning service. These programs, which were temporarily validated by Apple, featured cryptocurrency-related titles like “New Updates in Crypto Exchange” and “New Era for Stablecoins and DeFi,” revealing the hackers' financial motivation. When one of the applications was launched, it opened a disguised minesweeper game.
It is unknown whether these applications have been distributed to targets or whether they are only a test step for more advanced attacks. However, the malware is consistent with recognized methodologies and domains associated with North Korean cyber activities, suggesting that it is being prepared for broader exploitation.
North Korean hackers have displayed a high degree of skill in their cyberattacks, ranging from exploiting Chrome vulnerabilities to allegedly contributing to the Cosmos network's Liquid Stake Module. According to UN statistics, North Korean cyber activities have earned an estimated $3 billion in the last six years.
As the threat landscape evolves, it is critical to stay aware and cautious. Microsoft's warning regarding StilachiRAT emphasizes the importance of strong cybersecurity measures to safeguard sensitive data and digital assets. Users should keep their computers up to date, use reputable antivirus software, and avoid storing critical information in browsers or add-ons.