In This Article
In a 17 March 2025 “incident response,” Microsoft revealed that it uncovered a novel remote access trojan (RAT) or StilachiRAT that can steal information from the target system, such as digital wallet information.
According to Microsoft, key capabilities of StilachiRAT includes digital wallet targeting. The malware can scan for configuration data of 20 different cryptocurrency wallet extensions for the Google Chrome browser.
“StilachiRAT targets a list of specific cryptocurrency wallet extensions for the Google Chrome browser,” said Microsoft.
Microsoft Incident Response researchers uncovered a novel remote access trojan (RAT) that demonstrates sophisticated techniques to evade detection, persist in the target environment, and exfiltrate sensitive data. https://t.co/MJARVBz2zd
— Microsoft Threat Intelligence (@MsftSecIntel) March 17, 2025
Explore: Next 1000X Crypto: 10+ Crypto Tokens That Can Hit 1000x in 2025
StilachiRAT’s Popular Targets: Bitget, OKX, Coinbase, BNB Chain
First identified by Microsoft’s Incident Response Team in November 2024, StilachiRAT is a sophisticated malware capable of infiltrating devices, stealing sensitive data, and evading detection. It targets over 20 cryptocurrency wallet extensions on Google Chrome, including popular wallets such Bitget, MetaMask, BNB Chain, OKX, Coinbase and more.
Microsoft said that StilachiRAT collects comprehensive system information, including operating system (OS) details, hardware identifiers, camera presence, active Remote Desktop Protocol (RDP) sessions, and running graphical user interface (GUI) applications, allowing detailed profiling of the target system.
🚨 New Malware Alert: Your Crypto Wallets Might Be at Risk! 🚨
Microsoft just uncovered a sneaky new malware called StilachiRAT—and it’s coming straight for your crypto. 👀
Here’s what it does:
🔹 Scans your device for 20+ crypto wallet extensions (including MetaMask, Coinbase… pic.twitter.com/BkUwgJPCL1— Ricards (@Ricardswo) March 18, 2025
StilachiRAT is just one example of how cybercriminals are adapting their methods to exploit vulnerabilities in the crypto ecosystem. In 2024 alone, scammers stole approximately $9.9 billion in on-chain cryptocurrencies—a 40% increase compared to the previous year.
However, Microsoft has not yet attributed StilachiRAT to a specific threat actor or geolocation. But the company continues to monitor information on the delivery vector used in these attacks.
“Malware like StilachiRAT can be installed through multiple vectors; therefore, it is critical to implement security hardening measures to prevent the initial compromise,” warned Microsoft.
Explore: Best Meme Coin ICOs to Invest in March 2025
Key Takeaways
Why you can trust 99Bitcoins
Established in 2013, 99Bitcoin’s team members have been crypto experts since Bitcoin’s Early days.
Weekly Research
100k+Monthly readers
Expert contributors
2000+Crypto Projects Reviewed
Free Bitcoin Crash Course
- Enjoyed by over 100,000 students.
- One email a day, 7 days in a row.
- Short and educational, guaranteed!
In This Article
Maximize Your Trading With Margex’s 20% Deposit Bonus
Hottest Meme Coins to Buy in April? Retail Target Latest Crypto For Mega Gains
AR.IO Brings The Permanent Cloud to AI Storage Crisis
10 Best Crypto Bonuses in 2025 – Top Exchange Offers & Promotions
4 Days Left For Early Investors in World’s First Meme Coin Index: Meme Coin Mcap Hits $56Bn
