
Microsoft uncovers new trojan targeting crypto wallet extensions on Chrome

by Simon Osuji
March 19, 2025

Microsoft researchers have identified a new remote access trojan (RAT) named StilachiRAT, designed to steal cryptocurrency wallet data, credentials, and system information while maintaining persistent access to compromised devices, the company disclosed on March 17.

The malware, first detected in November 2024, employs stealth techniques and anti-forensic measures to evade detection.

While Microsoft has not yet attributed StilachiRAT to a known threat actor, security experts warn that its capabilities could pose a significant cybersecurity risk, particularly to users handling crypto.

Sophisticated threat

StilachiRAT is capable of scanning for and extracting data from 20 different cryptocurrency wallet extensions in Google Chrome, including MetaMask, Trust Wallet, and Coinbase Wallet, allowing attackers to access stored funds.

Additionally, the malware decrypts saved Chrome passwords, monitors clipboard activity for sensitive financial data, and establishes remote command-and-control (C2) connections via TCP ports 53, 443, and 16000 to execute commands on infected machines.

The RAT also monitors active Remote Desktop Protocol (RDP) sessions, impersonates users by duplicating security tokens, and enables lateral movement across networks — an especially dangerous feature for enterprise environments.

Persistence mechanisms include modifying Windows service settings and launching watchdog threads to reinstate itself if removed.

To further evade detection, StilachiRAT clears system event logs, disguises API calls, and delays its initial connection to C2 servers by two hours. It also searches for analysis tools such as tcpview.exe and halts execution if they are present, making forensic analysis more difficult.

Mitigation strategies and response

Microsoft advised users to download software only from official sources, as malware like StilachiRAT can masquerade as legitimate applications.

The company also recommended enabling network protection in Microsoft Defender for Endpoint and activating Safe Links and Safe Attachments in Microsoft 365 to guard against phishing-based malware distribution.

Microsoft Defender XDR has been updated to detect StilachiRAT activity. Security professionals are urged to monitor network traffic for unusual connections, inspect system modifications, and track unauthorized service installations that could indicate an infection.
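
The monitoring advice above can be turned into a simple host triage, shown here as an added example that is not from Microsoft or the original article. It flags the behaviours the article names (outbound TCP/16000, TCP/53 to a non-resolver, cleared event logs, new services); the Windows event IDs 7045, 1102 and 104, the resolver address, the service allowlist and the sample records are assumptions of this example.

```python
# Added example: triage of constructed telemetry for behaviours listed in the article.
# Event IDs are standard Windows ones, chosen for this example (not from the article):
#   7045 = new service installed, 1102 = Security log cleared, 104 = System log cleared.
from collections import defaultdict

C2_PORTS_RARE = {16000}                       # TCP port named in the article
DNS_RESOLVERS = {"10.0.0.53"}                 # assumption: the site's approved resolvers
SERVICE_ALLOWLIST = {"WinDefend", "Spooler"}  # assumption: known-good service names

def score_event(ev):
    """Return a list of finding strings for one normalized event dict."""
    findings = []
    if ev["type"] == "net" and ev["proto"] == "tcp":
        if ev["dport"] in C2_PORTS_RARE:
            findings.append("outbound tcp/16000")
        elif ev["dport"] == 53 and ev["dst"] not in DNS_RESOLVERS:
            # DNS over TCP to a host that is not an approved resolver
            findings.append("tcp/53 to non-resolver")
        # tcp/443 alone is too common to flag without further context
    elif ev["type"] == "winevent":
        if ev["id"] in (1102, 104):
            findings.append("event log cleared")
        elif ev["id"] == 7045 and ev.get("service") not in SERVICE_ALLOWLIST:
            findings.append("unlisted service installed")
    return findings

def triage(events):
    """Group findings per host; keep hosts with two or more distinct findings."""
    per_host = defaultdict(set)
    for ev in events:
        per_host[ev["host"]].update(score_event(ev))
    return {h: sorted(f) for h, f in per_host.items() if len(f) >= 2}

# Constructed sample telemetry (not real data; addresses are documentation ranges).
SAMPLE = [
    {"host": "ws-01", "type": "net", "proto": "tcp", "dst": "203.0.113.7", "dport": 16000},
    {"host": "ws-01", "type": "winevent", "id": 7045, "service": "ExampleSvc"},
    {"host": "ws-01", "type": "winevent", "id": 104},
    {"host": "ws-02", "type": "net", "proto": "tcp", "dst": "10.0.0.53", "dport": 53},
    {"host": "ws-02", "type": "net", "proto": "tcp", "dst": "198.51.100.9", "dport": 443},
    {"host": "ws-03", "type": "net", "proto": "tcp", "dst": "198.51.100.20", "dport": 53},
]

if __name__ == "__main__":
    for host, findings in triage(SAMPLE).items():
        print(host, findings)
```

Requiring two distinct findings per host keeps a single noisy signal, such as one TCP/53 connection, from raising an alert on its own.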

While Microsoft has not observed widespread distribution of StilachiRAT, the company warned that threat actors frequently evolve their malware to bypass security measures. Microsoft said it is continuing to monitor the threat and will provide further updates through its Threat Intelligence Blog.
