Microsoft has recently identified a new Trojan malware called “StilachiRAT”, which specifically targets users of popular cryptocurrency wallets like MetaMask, Phantom, and Coinbase Wallet.
This malware is designed to steal sensitive information, posing a serious threat to digital assets.
🔍 How StilachiRAT Works
According to Microsoft’s security team, “StilachiRAT” is a Remote Access Trojan (RAT) that runs on infected systems and extracts valuable data.
It can steal:
- Stored browser credentials
- Wallet details
- Clipboard content
The malware uses advanced evasion techniques to avoid detection by security software.
🚨 Threat to Crypto Wallets
Once installed, StilachiRAT scans Google Chrome for cryptocurrency wallet extensions.
It can extract and decrypt configuration data from over 20 different wallets, including:
- MetaMask
- Coinbase Wallet
- Trust Wallet
- OKX Wallet
Additionally, it monitors clipboard activity, searching for private keys and passwords that users might copy and paste.
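To see which of your own Chrome profiles hold the wallet extensions named in this article, the following added example (not Microsoft's code, and not from the original post) inventories a Chrome user-data directory. Matching on the extension's display name, the `WALLETS` list, and the sample tree with made-up extension IDs are assumptions of this sketch.

```python
import json
import tempfile
from pathlib import Path

# Wallet names come from the article; matching on display name is an assumption.
WALLETS = ("metamask", "phantom", "coinbase wallet", "trust wallet", "okx wallet")

def display_name(vdir):
    """Return an extension's name, resolving Chrome's __MSG_key__ placeholder."""
    manifest = json.loads((vdir / "manifest.json").read_text(encoding="utf-8"))
    name = manifest.get("name", "")
    if name.startswith("__MSG_") and name.endswith("__"):
        path = vdir / "_locales" / manifest.get("default_locale", "en") / "messages.json"
        messages = json.loads(path.read_text(encoding="utf-8"))
        for key, entry in messages.items():
            if key.lower() == name[6:-2].lower():  # message keys are case-insensitive
                return entry.get("message", name)
    return name

def find_wallet_extensions(user_data_dir):
    """List (profile, extension_id, name) for wallet extensions in every profile."""
    hits = set()
    for manifest in Path(user_data_dir).glob("*/Extensions/*/*/manifest.json"):
        vdir = manifest.parent  # <profile>/Extensions/<id>/<version>
        try:
            name = display_name(vdir)
        except (OSError, ValueError, AttributeError):
            continue  # unreadable or malformed files are skipped
        if any(w in name.lower() for w in WALLETS):
            hits.add((vdir.parents[2].name, vdir.parent.name, name))
    return sorted(hits)

def build_sample_tree(root):
    """Constructed sample data: a fake user-data tree with made-up extension IDs."""
    def add(profile, ext_id, manifest, messages=None):
        vdir = Path(root) / profile / "Extensions" / ext_id / "1.0_0"
        (vdir / "_locales" / "en").mkdir(parents=True)
        (vdir / "manifest.json").write_text(json.dumps(manifest))
        if messages:
            (vdir / "_locales" / "en" / "messages.json").write_text(json.dumps(messages))
    add("Default", "a" * 32, {"name": "__MSG_appName__", "default_locale": "en"},
        {"appName": {"message": "MetaMask"}})
    add("Default", "b" * 32, {"name": "Some Ad Blocker"})
    add("Profile 1", "c" * 32, {"name": "Phantom"})
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for hit in find_wallet_extensions(build_sample_tree(tmp)):
            print(hit)
```

Point `find_wallet_extensions` at your real user-data directory (on Windows, typically `%LOCALAPPDATA%\Google\Chrome\User Data`) to get the list of profiles whose wallets should be reviewed or moved if the machine is suspected of infection.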
🛡️ How to Protect Yourself
To stay safe from threats like StilachiRAT, follow these essential security practices:
- Use reputable security software: Keep your antivirus and security programs updated to detect and remove malware.
- Avoid suspicious downloads: Do not install software or browser extensions from unknown or untrusted sources.
- Monitor system activity: Pay attention to unusual system behavior, such as slow performance or unexpected pop-ups.
- Update software regularly: Keep your operating system, browser, and extensions updated to benefit from the latest security patches.
By taking these precautions, you can protect your digital assets and reduce the risk of falling victim to malware like StilachiRAT.