Microsoft has warned of a new piece of malware, dubbed StilachiRAT, that can steal crypto wallet information, including usernames and passwords, via Google’s Chrome browser.
Researchers have advised users that it’s “critical to implement security hardening measures to prevent the initial compromise,” warning that the crypto wallets at risk include MetaMask, Coinbase Wallet, Phantom, OKX Wallet, and BNB Chain Wallet.
“Analysis of the StilachiRAT’s WWStartupCtrl64.dll module that contains the RAT capabilities revealed the use of various methods to steal information from the target system, such as credentials stored in the browser, digital wallet information, data stored in the clipboard, as well as system information,” Microsoft’s incident response researchers wrote in a blog post.
Microsoft researchers added that the source of the malware has not yet been identified.
“Microsoft has not yet attributed StilachiRAT to a specific threat actor or geolocation. Based on Microsoft’s current visibility, the malware does not exhibit widespread distribution at this time,” Microsoft researchers wrote.
“However, due to its stealth capabilities and the rapid changes within the malware ecosystem, we are sharing these findings as part of our ongoing efforts to monitor, analyze, and report on the evolving threat landscape.”
The soaring value of bitcoin and other cryptocurrencies in recent years has attracted never-before-seen levels of crypto thefts and hacks, with the Bybit exchange last month suffering a $1.5 billion attack that’s believed to have been carried out by the North Korea-linked Lazarus Group.