Microsoft warns of new remote access trojan targeting crypto wallets
Microsoft has recently issued a warning about a new remote access trojan (RAT) that specifically targets cryptocurrency wallets. This malware, known as StilachiRAT, has the ability to steal sensitive information such as credentials, digital wallet data, and even data stored in the clipboard. The tech giant’s Incident Response Team discovered the malware last November and has since found that it targets 20 different cryptocurrency wallet extensions for the Google Chrome browser.
According to Microsoft’s blog post, the StilachiRAT malware uses various methods to extract information from the target system. These include scanning for configuration information for popular crypto wallet extensions like Coinbase Wallet, Trust Wallet, MetaMask, and OKX Wallet. The malware also has capabilities for detection evasion and anti-forensics, making it difficult to detect and analyze.
In addition to stealing information, StilachiRAT can also monitor clipboard activity for sensitive data like passwords and crypto keys. It can also clear event logs and check for signs that it is running in a sandbox, further complicating analysis attempts.
While Microsoft has not been able to identify the perpetrators behind this malware, it hopes that by publicly sharing this information, it can prevent more people from falling victim to it. The tech giant advises users to have antivirus software and cloud-based anti-phishing and anti-malware components on their devices to protect against such threats.
Unfortunately, crypto-related scams, exploits, and hacks have been on the rise, with losses totaling nearly $1.53 billion in February alone. This includes the $1.4 billion Bybit hack, which accounted for the majority of losses. According to blockchain security firm CertiK, this highlights the need for increased security measures in the crypto industry.
In its 2025 Crypto Crime Report, blockchain analytics firm Chainalysis also noted the professionalization of crypto crime, with the use of AI-driven scams, stablecoin laundering, and efficient cyber syndicates. The report also revealed that there was $51 billion in illicit transaction volume in the past year.
As the crypto industry continues to grow, it is crucial for users to remain vigilant and take necessary precautions to protect their assets. With the increasing sophistication of cybercriminals, it is important to stay informed and stay ahead of potential threats.