Microsoft Warns of New Trojan Targeting Crypto in 20 Chrome Wallet Extensions

  • 18.03.2025 00:00
  • cryptonews.com
  • Keywords: Cybersecurity Threat, Crypto Users

Microsoft identifies a new Trojan, StilachiRAT, targeting crypto users through 20 Chrome wallet extensions like Coinbase and MetaMask. The malware steals credentials and evades detection using anti-forensics techniques. Microsoft urges users to enhance security measures to mitigate risks.

Estimated market influence

Microsoft

Neutral
Analyst rating: Strong buy

Microsoft identified and reported the StilachiRAT malware targeting crypto users through Chrome extensions.

Coinbase Wallet

Negative
Analyst rating: N/A

StilachiRAT targets Coinbase Wallet among others, posing a risk to user funds.

Trust Wallet

Negative
Analyst rating: N/A

StilachiRAT targets Trust Wallet, risking user assets.

MetaMask

Negative
Analyst rating: N/A

StilachiRAT targets MetaMask users, compromising their security.

OKX Wallet

Negative
Analyst rating: N/A

StilachiRAT specifically targets OKX Wallet to steal funds.

CertiK

Positive
Analyst rating: N/A

CertiK reported crypto scam losses, highlighting the severity of the issue.

Chainalysis

Positive
Analyst rating: N/A

Chainalysis provided data on crypto crime trends in their 2025 report.

Context

Analysis of Microsoft's Warning on StilachiRAT Trojan Targeting Crypto Wallet Extensions

Key Insights

  • Malware Details:

    • Name: StilachiRAT (remote access trojan).
    • First Detected: November 2023.
    • Targeted Wallets: 20 Chrome extensions, including Coinbase Wallet, Trust Wallet, MetaMask, and OKX Wallet.
  • Functionality:

    • Exploits the WWStartupCtrl64.dll module for stealthy data theft.
    • Retrieves login credentials from Chrome's local state file.
    • Intercepts sensitive details like passwords and crypto keys via clipboard activity.
    • Uses anti-forensics to clear event logs and detect sandbox environments.

Market Trends

  • Crypto Crime Surge:
    • February 2025: $1.53 billion in losses from scams, hacks, and exploits.
    • Dominant factor: $1.4 billion hack of Bybit.
    • Chainalysis Report (2025): Crypto crime evolving into a professionalized industry with AI-powered scams and stablecoin laundering.

Business Impact

  • Industry Concerns:

    • StilachiRAT poses significant risks to crypto users and businesses due to its advanced evasion techniques.
    • Potential for increased financial losses, reputational damage, and customer trust erosion.
  • Mitigation Measures:

    • Microsoft recommends:
      • Implementing antivirus software.
      • Using cloud-based anti-phishing tools.
      • Strengthening anti-malware protections.

Competitive Dynamics

  • Security Race:
    • Heightened competition among cybersecurity firms to develop advanced threat detection and mitigation solutions.
    • Blockchain security companies like CertiK playing critical roles in identifying and addressing crypto-related threats.

Long-Term Implications

  • Evolving Threat Landscape:

    • Sophisticated malware like StilachiRAT underscores the need for continuous innovation in cybersecurity measures.
    • Potential regulatory scrutiny on crypto platforms to enhance security standards and protect user assets.
  • Investment in Security Technologies:

    • Increased focus on AI-driven threat detection, behavioral analytics, and proactive security monitoring by businesses.