The greatest risk is posed to owners of wallets such as Bitget Wallet, Trust Wallet, MetaMask, OKX Wallet, Coinbase Wallet and others associated with large crypto networks.
StilachiRAT uses several methods to steal personal data. It scans the clipboard, extracting information about crypto wallets, and also uses repeated character combinations to guess keys, especially for wallets operating on the Tron network. Moreover, the Trojan collects information about the victim's system, monitors remote sessions via RDP and maintains its activity using Windows mechanisms, which makes it difficult to detect and remove. It protects its process through the Windows Service Manager (SCM), which allows it to bypass traditional security measures.
In addition, StilachiRAT has methods to counter analysis, such as clearing logs and dynamically adjusting behavior in virtual environments. This allows the malware to remain undetected, even after attempts to remove it. Microsoft specialists emphasize that due to its stealth and adaptability, the Trojan poses a high threat to the security of cryptocurrency users.
At the moment, the distribution of StilachiRAT is limited, but its flexibility and ability to bypass protection make it dangerous. In order to minimize the risk of infection, Microsoft recommends downloading programs only from official sources, regularly updating antivirus software and blocking suspicious web resources.
Previously, another malicious program, Hidden Risk, developed by the BlueNoroff hacker group from North Korea, was reported. That program is also aimed at stealing confidential information and poses a serious threat to users.