At the moment, the tech giant says it can’t pinpoint who is behind the malware but hopes that publicly sharing information will lower the number of people who might be snared. Related: New MassJacker malware targets piracy users, steals crypto“Based on Microsoft’s current visibility, the malware does not exhibit widespread distribution at this time,” Microsoft said. “However, due to its stealth capabilities and the rapid changes within the malware ecosystem, we are sharing these findings as part of our ongoing efforts to monitor, analyze, and report on the evolving threat landscape.”Microsoft suggests to avoid falling prey to malware; users should have antivirus software, cloud-based anti-phishing and anti-malware components on their devices. Losses to crypto scams, exploits and hacks totaled nearly $1.53 billion in February, with the $1.4 billion Bybit hack accounting for the lion’s share of losses, according to blockchain security firm CertiK.
Tech giant Microsoft has discovered a new remote access trojan (RAT) that targets crypto held in 20 cryptocurrency wallet extensions for the Google Chrome browser. Microsoft’s Incident Response Team said in a March 17 blog post that it first discovered the malware StilachiRAT last November and found it can steal information such as credentials stored in the browser, digital wallet information and data stored in the clipboard. After deployment, the bad actors can use StilachiRAT to siphon crypto wallet data by scanning for the configuration information for 20 crypto wallet extensions, including Coinbase Wallet, Trust Wallet, MetaMask and OKX Wallet. The malware StilachiRAT can target crypto held in 20 different wallet extensions.
Source: Microsoft“Analysis of the StilachiRAT’s WWStartupCtrl64.dll module that contains the RAT capabilities revealed the use of various methods to steal information from the target system,” Microsoft said. Among its other capabilities, the malware can extract credentials saved in the Google Chrome local state file and monitor clipboard activity for sensitive information like passwords and crypto keys. It can also use detection evasion and anti-forensics features, like the ability to clear event logs and check for signs it’s running in a sandbox to block analysis attempts, according to Microsoft.
or
Share This Story
Article Details
Author / Journalist: Cointelegraph by Stephen Katte
The story "Microsoft warns of new remote access trojan targeting crypto wallets" has 418 words across 12 sentences, which will take approximately 2 - 4 minutes for the average person to read.
Which news outlet covered this story?
The story "Microsoft warns of new remote access trojan targeting crypto wallets" was covered 19 hours ago by Coin Telegraph, a news publisher based in United States.
How trustworthy is 'Coin Telegraph' news outlet?
Coin Telegraph is a fully independent (privately-owned) news outlet established in 2013 that covers mostly crypto news.
The outlet is headquartered in United States and publishes an average of 353 news stories per day.
It's most recent story was published 8 hours ago.
What do people currently think of this news story?
The sentiment for this story is currently Positive, indicating that people regard this as "good news".
How do I report this news for inaccuracy?
You can report an inaccurate news publication to us via our contact page. Please also include the news #ID number and the URL to this story.
