News
Microsoft Discovers Advanced Malware Targeting Coinbase, MetaMask, Trust Wallets
token_sale
token_sale

Join the Yellow Network Token Sale Secure Your Spot

Join Now
token_sale

Microsoft Discovers Advanced Malware Targeting Coinbase, MetaMask, Trust Wallets

Microsoft Discovers Advanced Malware Targeting Coinbase, MetaMask, Trust Wallets

Microsoft's incident response team has identified a new remote access trojan (RAT) designed to compromise cryptocurrency holdings by targeting digital wallet extensions. The malware, dubbed StilachiRAT, can gather system information, steal login credentials, and extract data from cryptocurrency wallets across multiple platforms.

The trojan specifically targets at least 20 popular cryptocurrency wallet extensions for Google Chrome, including widely-used options such as Metamask, Trust Wallet, Coinbase Wallet, and Phantom. Microsoft's investigation revealed the malware's ability to access registry settings to validate which extensions are installed. Once identified, it can extract sensitive data potentially giving attackers access to victims' digital assets.

"StilachiRAT targets a list of specific cryptocurrency wallet extensions for the Google Chrome browser. It accesses the settings in the following registry key and validates if any of the extensions are installed," Microsoft stated in its March 17 security bulletin. Though the malware has not yet achieved widespread distribution, security experts express significant concern about its sophistication and potential impact.

The malware begins its attack cycle with a reconnaissance phase where it collects information about the victim's operating system, hardware identifiers, and active sessions. It then focuses on credential theft, targeting passwords stored in Chrome and monitoring clipboard data where users frequently copy sensitive information like wallet keys or passwords. This multi-stage approach allows attackers to gather comprehensive data before initiating any theft.

Microsoft's security team highlighted StilachiRAT's advanced anti-forensic capabilities as particularly concerning. The trojan can delete event logs and assess system conditions to avoid detection mechanisms. These evasive techniques make identification and removal significantly more challenging for standard security tools.

To mitigate risks, Microsoft advises users to implement several security measures immediately. "In some cases, remote access trojans can masquerade as legitimate software or software updates. Always download software from the official website of the software developer or from reputable sources," Microsoft emphasized in its advisory. The company also recommends enabling real-time protection in Microsoft Defender and using browsers with SmartScreen to help block malicious websites.

Additional security recommendations include enabling multi-factor authentication for all accounts and maintaining current software updates across all applications. These fundamental security practices can substantially reduce vulnerability to this and similar threats.

The discovery comes amid growing concerns about cryptocurrency-related crime. According to Chainalysis' 2025 Crypto Crime Trends report, illicit cryptocurrency transactions currently range between $40 billion and $50 billion annually. These funds are acquired through various methods, including ransomware attacks, sophisticated malware operations, and other cybercriminal activities.

The report further projects that the volume of illicit crypto transactions in 2024 could exceed $51 billion, representing an average annual increase of 25% between reporting periods. This trend indicates an escalating sophistication in attacks targeting digital assets as cryptocurrency adoption continues to expand worldwide.

Security analysts emphasize that as cryptocurrency holdings become more mainstream, users should expect increasingly targeted attacks designed to compromise these assets. The discovery of StilachiRAT represents a significant evolution in the tactics employed by cybercriminals seeking to exploit digital currency holders.

Disclaimer: The information provided in this article is for educational purposes only and should not be considered financial or legal advice. Always conduct your own research or consult a professional when dealing with cryptocurrency assets.
Latest News
Show All News
Web3 Gaming Token MAVIA Jumps 78% Following Developer Updates
2 hours ago
Heroes of Mavia (MAVIA) has catapulted back onto the cryptocurrency radar, surging 78% in a single day and erasing months of decline. The gaming token climbed from $0.11 over the weekend to $0.6632, b
Hacking Operations Make North Korea World's Third-Largest Government Bitcoin Owner with $1.14 Billion
2 hours ago
North Korea has amassed the world's third-largest government-held Bitcoin reserve through state-sponsored cryptocurrency theft, according to security analysts and recent reports. The reclusive nation
Daily Crypto Market Highlights: TUT Skyrockets 221% While BMT and API3 Gain Serious Momentum
3 hours ago
The crypto market is buzzing with action as multiple altcoins make significant gains, fueled by exchange listings, strategic token burns, and growing adoption. Tutorial stole the show with an eye-wate
Related News
Tron Wallet Security Flaw Leaves Over 14,000 Wallets Vulnerable - Research
Jan 21, 2025
A significant security flaw has put in jeopardy more than 14,500 Tron cryptocurrency wallets, potentially exposing millions of dollars in assets to theft. This vulnerability, detailed by security firm
Crypto-Stealing Malware Found in Mobile App Store SDKs, Warns Kaspersky
Feb 05, 2025
Kaspersky Labs has identified a sophisticated malware campaign targeting cryptocurrency users through malicious software development kits embedded in mobile apps available on Google Play and the Apple
Crypto Thieves Exploit Zoom Lookalike in $300k Heist
Jul 23, 2024
A new crypto scam is making waves. It uses a fake Zoom page. The scam has already nabbed $300,000 in digital assets. NFT collector and cybersecurity expert "NFT_Dreww" sounded the alarm on X. He call
WalletConnect Impersonator on Google Play Goes Undetected for 5 Months, Drains $70,000 from Users
Sep 30, 2024
A malicious cryptocurrency wallet application on the Google Play Store has siphoned $70,000 from users. The app was downloaded 10,000 times over five months. Cybersecurity firm Checkpoint Research (C
Crypto Hacks Jump 15%: U.S. Regulator Pushes for Mandatory Refunds
Jan 10, 2025
All through last year, the crypto industry was battered by cyberattacks and hacking incidents, so much so that in 2025 the US regulator has suggested that traders get compensated for crypto hacks. Whi
Related Articles
5 Top Ways to Secure Your Crypto Wallet Against Hackers
Dec 31, 2024
Most of the newbies in crypto urge to buy some tokens and don’t care much about where to keep them. That might be a crucial mistake. Neglecting security can cost you dearly. Securing your wallet is es
Top 10 Biggest Crypto Exchange Hacks in Recent Years
Sep 20, 2024
In the early hours of September 20, the Singaporean cryptocurrency exchange BingX confirmed that there had been a security breach. The incident resulted in "minor asset loss," according to company off
Top 7 Anonymous Crypto Wallets You Should Know About
Dec 25, 2024
Privacy has become a hot commodity in the world of digital finance. It's no longer just a nice-to-have feature. For many crypto enthusiasts, it's a must. The growing acceptance of cryptocurrencies ha
Top 5 Ways to Prevent Front-Running Attacks in Blockchain You Should Know About
Jan 11, 2025
Of all the dangers that this decentralized ecosystem faces, front-running attacks are among the worst and most urgent. What are front-running attacks and how to protect yourself from them? Now let's g
Top 10 Must-Read Crypto News This Week: Market Makers Under Fire, Bitcoin Ready to Surge
Oct 13, 2024
This week was bursting in interesting news with some shocking taste. Although crypto enthusiasts had much to celebrate, general attitude is far from sunny and bright. Law enforcement severe attack aga