CoinInsight360.com logo CoinInsight360.com logo
America's Social Casino
cryptonews 2025-03-18 08:14:33

Microsoft Warns of New Trojan Targeting Crypto in 20 Chrome Wallet Extensions

Microsoft has identified a new cybersecurity threat targeting cryptocurrency users, uncovering a remote access trojan (RAT) that infiltrates digital wallet extensions in Google Chrome. The tech giant’s Incident Response Team revealed in a March 17 report that the malware, dubbed StilachiRAT, is designed to steal sensitive information from cryptocurrency holders. First detected in November 2023, StilachiRAT operates by extracting credentials stored in browsers, accessing crypto wallet data, and monitoring clipboard activity. New Malware Targets 20 Crypto Wallet Extensions to Steal User Funds Once installed on a device, the malware scans for the presence of 20 targeted wallet extensions, including Coinbase Wallet, Trust Wallet, MetaMask, and OKX Wallet, to siphon user funds. Microsoft’s analysis found that the trojan exploits WWStartupCtrl64.dll, a module that facilitates various stealthy data theft techniques. StilachiRAT can retrieve login credentials saved in the Google Chrome local state file and intercept sensitive details, such as passwords and crypto keys, from clipboard activity. It also employs anti-forensics mechanisms to evade detection by clearing event logs and detecting sandbox environments, which helps cybercriminals bypass security monitoring. Despite its advanced capabilities, Microsoft has yet to identify the actors behind the malware. However, the company stressed that publicly sharing its findings could help mitigate its impact. New Malware Alert — Microsoft warns of StilachiRAT, a stealthy remote access trojan that: Steals browser passwords & clipboard data Targets crypto wallets Executes remote commands & monitors RDP sessions Evades detection by clearing event logs Read:… pic.twitter.com/IPYbUdlxcT — The Hacker News (@TheHackersNews) March 18, 2025 Microsoft noted that while StilachiRAT has not yet spread on a large scale, its ability to evade detection and rapidly evolve makes it a significant concern. “Based on Microsoft’s current visibility, the malware does not exhibit widespread distribution at this time,” the company said. “However, due to its stealth capabilities and the rapid changes within the malware ecosystem, we are sharing these findings as part of our ongoing efforts to monitor, analyze, and report on the evolving threat landscape.” Crypto Cyberattacks Surge as Hackers Deploy Sophisticated Tactics The discovery comes amid a surge in crypto-related cyberattacks, with hackers increasingly targeting digital assets through sophisticated methods. Microsoft advised crypto users to strengthen their security measures by implementing antivirus software, cloud-based anti-phishing tools, and strong anti-malware protections to minimize risk. The rise in malware attacks on cryptocurrency holders coincides with an alarming spike in crypto-related fraud. Blockchain security firm CertiK reported that crypto scams, hacks, and exploits led to $1.53 billion in losses in February, with the $1.4 billion Bybit hack accounting for the bulk of the damage. Meanwhile, Chainalysis’ 2025 Crypto Crime Report highlighted how crypto crime is evolving into a highly professionalized industry, driven by AI-powered scams, stablecoin laundering, and sophisticated cyber syndicates, with illicit transaction volumes surpassing $51 billion last year. In February 2025, losses in the crypto ecosystem increased by 20x month-over-month compared with January 2025, according to the latest report by major blockchain security platform Immunefi . In January, registered losses stood at $73,915,700. Just a month later, this figure jumped to $1,528,342,400. The latter was the result of nine hacks. Additionally, the February number is an 18x increase from the same time a year prior. In February 2024, registered losses were $81,603,400. The post Microsoft Warns of New Trojan Targeting Crypto in 20 Chrome Wallet Extensions appeared first on Cryptonews .

阅读免责声明 : 此处提供的所有内容我们的网站,超链接网站,相关应用程序,论坛,博客,社交媒体帐户和其他平台(“网站”)仅供您提供一般信息,从第三方采购。 我们不对与我们的内容有任何形式的保证,包括但不限于准确性和更新性。 我们提供的内容中没有任何内容构成财务建议,法律建议或任何其他形式的建议,以满足您对任何目的的特定依赖。 任何使用或依赖我们的内容完全由您自行承担风险和自由裁量权。 在依赖它们之前,您应该进行自己的研究,审查,分析和验证我们的内容。 交易是一项高风险的活动,可能导致重大损失,因此请在做出任何决定之前咨询您的财务顾问。 我们网站上的任何内容均不构成招揽或要约