Watch out, Trojan StilachiRAT: A New Malware Targeting Crypto Wallets on Google Chrome!

Bittime - The StilachiRAT Trojan is a new threat to crypto wallet users on Google Chrome. This malware targets 20 popular extensions such as MetaMask, Coinbase Wallet, Trust Wallet, and others. Learn how to protect your crypto assets!

Trojans Spy on Your Data

Trojans are one of the most dangerous types of malware that disguise themselves as legitimate software to infiltrate users' systems. Once successful in entering, the trojan can steal data, control devices, and even access financial information without the victim's knowledge. 

In the crypto industry, the existence of trojans is increasingly worrying because they can steal digital assets in just a matter of seconds.

Read Also: What is Malware? Recognize Threats and How to Detect Them

Recently, Microsoft discloses the StilachiRAT threat, a malicious trojan that specifically targets cryptocurrency wallet users on Google Chrome. Based on a Microsoft report, this malware has complex attack methods, including credential theft, transaction manipulation, and even real-time monitoring of victim activity.

What is the StilachiRAT Trojan?

StilachiRAT is a new trojan discovered by Microsoft that has extensive capabilities in carrying out system reconnaissance to theft of cryptocurrency. 

This malware targets various crypto wallet extensions used in the Google Chrome browser, allowing hackers to steal important data such as seed phrases, private keys, and user login credentials.

This Trojan can also change the destination address of a crypto transaction, so that users unknowingly send their funds to the attacker's wallet.

Read Also: Getting to Know Trojans and How to Avoid Them

Why Target Crypto Wallet in Chrome Browser?

Google Chrome is one of the most popular browsers in the world, and many users store their crypto assets through wallet extensions such as MetaMask, Coinbase Wallet, Trust Wallet, and others. The StilachiRAT Trojan is designed to infiltrate various popular crypto wallet extensions, making it a serious threat to digital asset owners.

Based on reports, this trojan targets various wallet extensions in Chrome with using a specific extension identifier, which allows this malware to identify and attack specific wallets. Here is a list of some of the wallet extensions that StilachiRAT targets:

If you use one of the wallet extensions above, immediately check the security of your account and take preventive measures to avoid the StilachiRAT threat.

How Does the StilachiRAT Trojan Work?

According to Microsoft, StilachiRAT uses several techniques to infiltrate user systems, including:

• Spread via phishing emails and malicious downloads that trick users into installing infected software.
• Exploit wallet extensions by injecting malicious code that allows theft of login data and seed phrases.
• Manipulate transactions by automatically changing the destination wallet address so that funds are sent to the hacker's wallet.
• Recording user activity to gain broader access to other sensitive information.

Microsoft also discovered that StilachiRAT has a self-update feature, which allows this malware to continue to evolve and adapt its attack methods.

How to Anticipate the StilachiRAT Trojan

To protect your crypto assets from StilachiRAT attacks, take the following steps:

1. Use a trusted antivirus and anti-malware such as Microsoft Defender or Malwarebytes to detect threats early.
2. Avoid downloading software from unknown sources or suspicious links.
3. Enable two-factor authentication (2FA) on your crypto wallet for an added layer of security.
4. Check the wallet address before confirming the transaction to avoid being caught in malware manipulation.
5. Use a hardware wallet such as Ledger or Trezor to store crypto assets more safely.
6. Update your wallet extension regularly to get the latest protection against cyber attacks.

Conclusion

The StilachiRAT Trojan is a serious threat to crypto wallet users on Google Chrome. With its sophisticated attack methods, this malware can steal seed phrases, login credentials, and even control user transactions without them knowing.

If you use an extension-based crypto wallet in Chrome, make sure to stay alert, avoid suspicious links, and use multiple layers of security to protect your assets.

Microsoft's report shows that StilachiRAT continues to grow, so it is important to always update your security system and stay up to date with the latest information regarding these threats.

FAQ

Does StilachiRAT only attack Google Chrome?

Currently, this malware is known to target the wallet extension in Google Chrome. However, users of other browsers such as Edge or Brave should still be wary of similar threats.

How do I know if I am infected with StilachiRAT?

If you notice missed transactions, changes to your wallet extension, or suspicious activity on your crypto account, immediately perform a security check and change your credentials.

Will deleting the wallet extension get rid of StilachiRAT?

Just deleting the wallet extension is not enough. You need to scan your system with the latest antivirus, change your wallet credentials, and consider moving your assets to a more secure wallet.

How to Buy Crypto on Bittime

Want to trade sell buy Bitcoins and crypto investment easily? Bittime is here to help! As an Indonesian crypto exchange officially registered with Bappebti, Bittime ensures every transaction is safe and fast.

Start with registration and identity verification, then make a minimum deposit of IDR 10,000. After that, you can immediately buy your favorite digital assets!

Check the exchange rate BTC to IDR, ETH to IDR, SOL to IDR and other crypto assets to find out today's crypto market trends in real-time on Bittime.

Also, visit the Bittime Blog for interesting updates and educational information about the crypto world. Find reliable articles about Web3, blockchain technology, and digital asset investment tips designed to enrich your crypto knowledge.

Reference:

CoinTelegraph, Microsoft Found New Trojan StilachiRAT Targeting Cryptocurrency Wallets, Accessed March 20, 2025

Microsoft, StilachiRAT Analysis, Accessed March 20, 2025

IBTimes, Trojan StilachiRAT: Everything to Know, Accessed March 20, 2025

Author: Irwan