A major technology corporation has issued a new report warning of malware that specifically targets 20 of the most popular cryptocurrency wallets available as Google Chrome extensions.
Researchers in the company’s Incident Response team have raised concerns about a new remote access trojan (RAT) named StilachiRAT. This malware is capable of employing “advanced methods to avoid detection, maintain persistence in the target system, and extract sensitive information,” according to details shared in a recent blog entry.
The team discovered the malware in November 2024, and it has the potential to steal wallet details, as well as any stored credentials such as usernames and passwords from users’ Google Chrome browser. StilachiRAT focuses on 20 cryptocurrency wallets, including well-known options like MetaMask, Coinbase Wallet, Phantom, OKX Wallet, and BNB Chain Wallet.
The malware has not seen widespread distribution, and the corporation noted that it has not been able to determine the entity responsible for this threat. It has provided some recommendations for mitigation, including the installation of antivirus software.
“Considering its stealthy capabilities and the rapid evolution within the malware ecosystem, we are sharing these insights to continue our commitment to monitoring, analyzing, and informing on the shifting threat landscape,” the team stated.