Cointime

Microsoft warns of new remote access trojan targeting crypto wallets

Tech giant Microsoft has discovered a new remote access trojan (RAT) that targets crypto held in 20 cryptocurrency wallet extensions for the Google Chrome browser. 

Microsoft’s Incident Response Team said in a March 17 blog post that it first discovered the malware StilachiRAT last November and found it can steal information such as credentials stored in the browser, digital wallet information and data stored in the clipboard. 

After deployment, the bad actors can use StilachiRAT to siphon crypto wallet data by scanning for the configuration information for 20 crypto wallet extensions, including Coinbase Wallet, Trust Wallet, MetaMask and OKX Wallet. 

“Analysis of the StilachiRAT’s WWStartupCtrl64.dll module that contains the RAT capabilities revealed the use of various methods to steal information from the target system,” Microsoft said. 

Among its other capabilities, the malware can extract credentials saved in the Google Chrome local state file and monitor clipboard activity for sensitive information like passwords and crypto keys.

It can also use detection evasion and anti-forensics features, like the ability to clear event logs and check for signs it’s running in a sandbox to block analysis attempts, according to Microsoft.

At the moment, the tech giant says it can’t pinpoint who is behind the malware but hopes that publicly sharing information will lower the number of people who might be snared. 

“Based on Microsoft’s current visibility, the malware does not exhibit widespread distribution at this time,” Microsoft said. 

“However, due to its stealth capabilities and the rapid changes within the malware ecosystem, we are sharing these findings as part of our ongoing efforts to monitor, analyze, and report on the evolving threat landscape.”

To avoid falling prey to malware, Microsoft suggests that users have antivirus software, cloud-based anti-phishing and anti-malware components on their devices.

Losses to crypto scams, exploits and hacks totaled nearly $1.53 billion in February, with the $1.4 billion Bybit hack accounting for the lion’s share of losses, according to blockchain security firm CertiK.

Blockchain analytics firm Chainalysis said in its 2025 Crypto Crime Report that crypto crime has entered a professionalized era dominated by AI-driven scams, stablecoin laundering, and efficient cyber syndicates, with the past year witnessing $51 billion in illicit transaction volume. 
