- Microsoft warns of StilachiRAT Trojan malware targeting 20 crypto wallet extensions in Chrome.
- Stachirat extracts credentials and monitors clipboard to steal crypto keys, passwords.
- Crypto-related cyberattacks surged, with $1.53 billion lost in February 2025 alone.
Microsoft has issued an alert to cryptocurrency users about a newly discovered trojan malware dubbed StilachiRAT. This malware specifically targets cryptocurrency wallet extensions within the Google Chrome browser.
Microsoft’s cybersecurity team uncovered StilachiRAT, which is designed to pilfer sensitive user data, including login credentials and crucial cryptocurrency keys.
Which Crypto Wallets Are at Risk?
This trojan is designed to attack 20 different cryptocurrency wallet extensions. Here’s the comprehensive list of targeted cryptocurrency wallet extensions:
| Bitget Wallet (formerly BitKeep) | Trust Wallet | TronLink | MetaMask (Ethereum) |
| TokenPocket | BNB Chain Wallet | OKX Wallet | Sui Wallet |
| Braavos – Starknet Wallet | Coinbase Wallet | Leap Cosmos Wallet | Manta Wallet |
| Keplr | Phantom | Compass Wallet for Sei | Math Wallet |
| Fractal Wallet | Station Wallet | ConfluxPortal | Plug |
How StilachiRAT Operates: A Stealthy Thief
StilachiRAT, first detected in November 2024, operates by extracting stored credentials directly from Google Chrome. This allows it to gain access to critical cryptocurrency wallet data. Additionally, the malware monitors clipboard activity, enabling it to capture passwords, private keys, and other sensitive information whenever a user copies them.
The trojan cleverly exploits a component within Chrome known as wwstartupcontrol64.dll to carry out these malicious actions discreetly, making it a significant threat to cryptocurrency users.
Related: Bitcoin Not Suitable for Reserves, Says South Korea’s Central Bank
While Microsoft has not yet identified the specific individuals or groups behind this attack, the company emphasized the importance of publicly sharing its findings to help users protect themselves from potential harm caused by StilachiRAT.
Microsoft also noted that, based on their current analysis, StilachiRAT does not appear to be widely distributed at this time.
Growing Threats in Crypto
The discovery of StilachiRAT comes at a time when cyberattacks on the cryptocurrency world are on the rise. Hackers are using more advanced methods to take advantage of weaknesses in crypto wallets and exchanges.
Related: FOMC meeting this week: All eyes on Powell for rate hints and potential QT end, impacting crypt
According to a report from a Blockchain Security Firm, scams, hacks, and other attacks led to $1.53 billion in losses just in February 2025, with the $1.4 billion Bitfinex hack being a major part of that total.
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.
