In a recent report, Microsoft described a new threat to cryptocurrency users: a remote access trojan (RAT) that targets digital wallet extensions in Google Chrome. The malware, known as StilachiRAT, was first detected in November 2023 and is designed to steal sensitive information from cryptocurrency holders.
StilachiRAT operates by extracting credentials stored in browsers, accessing crypto wallet data, and monitoring clipboard activity. It targets 20 popular wallet extensions, including Coinbase Wallet, Trust Wallet, MetaMask, and OKX Wallet, to siphon user funds. The trojan uses WWStartupCtrl64.dll, a module that facilitates various stealthy data theft techniques, to retrieve login credentials and intercept sensitive details like passwords and crypto keys.
To evade detection, StilachiRAT employs anti-forensics mechanisms such as clearing event logs and detecting sandbox environments. Despite its advanced capabilities, Microsoft has yet to identify the actors behind the malware. The company emphasized the importance of publicly sharing its findings to mitigate the impact of StilachiRAT.
The discovery of this new malware comes at a time when crypto-related cyberattacks are on the rise, with hackers deploying sophisticated tactics to target digital assets. Microsoft recommends that crypto users enhance their security measures by utilizing antivirus software, cloud-based anti-phishing tools, and robust anti-malware protections to minimize the risk of falling victim to such attacks.
The surge in malware attacks on cryptocurrency holders coincides with a significant increase in crypto-related fraud. In February, blockchain security firm CertiK reported $1.53 billion in losses due to crypto scams, hacks, and exploits, with the Bybit hack alone accounting for $1.4 billion of the damage. The crypto crime landscape is evolving into a highly professionalized industry, driven by AI-powered scams, stablecoin laundering, and sophisticated cyber syndicates, with illicit transaction volumes exceeding $51 billion in 2024.
According to the latest report by Immunefi, losses in the crypto ecosystem soared in February 2025, a 20-fold increase over January. Total registered losses were $73,915,700 in January and surged to $1,528,342,400 in February across nine hacks. This marked an 18-fold increase from the same period the previous year, further highlighting the growing threat of cyberattacks in the cryptocurrency space.
As the crypto landscape continues to face escalating risks from cyber threats, it is crucial for users to remain vigilant and implement robust security measures to safeguard their digital assets from malicious actors. Stay informed, stay protected, and stay secure in the ever-changing world of cryptocurrency.