Tech giant Microsoft has discovered a new remote access trojan (RAT) that targets crypto held in 20 cryptocurrency wallet extensions for the Google Chrome browser.
In a March 17 blog post, Microsoft's Incident Response team said it first discovered the malware, StilachiRAT, in November last year, and that it can steal information such as credentials stored in the browser, digital wallet information and data stored in the clipboard.
Once deployed, bad actors can use StilachiRAT to siphon crypto wallet data: it scans the device's settings to see whether any of 20 crypto wallet extensions are installed, including Coinbase Wallet, Trust Wallet, MetaMask and OKX Wallet.
The StilachiRAT malware can target crypto held in 20 different wallet extensions. Source: Microsoft
“Analysis of StilachiRAT’s wwstartupctrl64.dll module, including RAT functionality, revealed the use of various methods to steal information from the target system,” Microsoft said.
Among other capabilities, the malware can extract credentials stored in the Google Chrome Local State file and monitor clipboard activity for sensitive information such as passwords and crypto keys.
It also uses detection-evasion and anti-forensic features, such as the ability to clear event logs and to check for signs that it is running in a sandbox, to block analysis attempts.
At this point, the tech giant says it can’t identify who is behind the malware, but it hopes that publicly sharing the information will reduce the number of people who could be ensnared.
“Based on Microsoft’s current visibility, the malware does not currently have a wide distribution,” Microsoft said.
“However, due to its stealth capabilities and rapid changes within the malware ecosystem, we share these findings as part of our ongoing efforts to monitor, analyze and report on the evolving threat landscape.”
To avoid falling prey to the malware, Microsoft suggests that users run antivirus software and cloud-based anti-phishing and anti-malware components on their devices.
Crypto scams, exploits and hacks caused losses of nearly $1.53 billion in February, with the $1.4 billion Bybit hack accounting for most of the loss, according to blockchain security company CertiK.
Blockchain analytics firm Chainalysis said in its 2025 Crypto Crime Report that crypto crime has entered an era of specialization dominated by AI-driven fraud, stablecoin laundering and efficient cyber syndicates.