Microsoft warns of new malware StilachiRAT that can steal information from 20 cryptocurrency wallets used as Chrome plugins

Foresight News|Mar 18, 2025 15:11
According to Foresight News, Microsoft has released a new report warning of malicious software targeting 20 cryptocurrency wallets used as Google Chrome plugins. Microsoft incident response researchers have raised alerts about a new remote access Trojan (RAT) called StilachiRAT, which, the team wrote in a blog post, can deploy "complex techniques to evade detection, persist in target environments, and steal sensitive data." According to the team, the malware was discovered in November 2024 and can steal users' wallet information as well as any credentials stored in the Google Chrome browser, including usernames and passwords. StilachiRAT targets 20 cryptocurrency wallets, including some of the most widely used, such as MetaMask, Coinbase Wallet, Phantom, OKX Wallet, and BNB Chain Wallet. The malware has not yet spread widely. Microsoft has stated that it cannot determine the entity behind the threat, and it has developed some mitigation guidelines for current targets, including installing antivirus software.