⚠️ Warning: Microsoft has identified a new remote access trojan (RAT) named StilachiRAT 🦠, designed to infiltrate Google Chrome and steal cryptocurrency wallets. 🔥
🛑 Discovered in November 2024, this malware poses a serious threat to crypto users by stealing sensitive information and maintaining persistent access to infected systems. ⚠️
---
🎯 Targeted Cryptocurrency Wallet Extensions
StilachiRAT specifically aims at 20+ cryptocurrency wallet extensions within Chrome, including:
🔹 MetaMask 🦊
🔹 Coinbase Wallet 💰
🔹 Trust Wallet 🔒
🔹 OKX Wallet 🏦
🔹 Bitget Wallet 📈
🔹 Phantom 👻
🔹 TronLink ⚡
🔹 ConfluxPortal 🌐
🚨 Once compromised, it can steal:
🔑 Login credentials
📂 Private keys
📋 Clipboard data
---
⚠️ StilachiRAT's Dangerous Capabilities
🔍 Information Gathering 🕵️♂️
Collects system details, camera status 📷, active remote sessions, and running applications 📊.
✂️ Clipboard Monitoring 📋
Captures copied passwords and crypto keys 🏴☠️.
🖥️ Remote Command Execution 💻
Can reboot the system, launch applications, and delete logs 🗑️.
🔁 Self-Reinstall Mechanism 🛡️
If deleted, it reinstalls itself automatically ⚙️!
---
🛡️ How to Stay Safe from StilachiRAT?
✅ Only download software from official sources 📥
✅ Use trusted antivirus programs 🛡️
✅ Enable cloud-based security features ☁️
✅ Be cautious with emails & links 📧🚫
👀 Stay vigilant and secure your crypto assets! 🚀💰
