Source: Businessua.com.ua

Microsoft incident response researchers have discovered a new remote access trojan (RAT), StilachiRAT, focused on stealing cryptocurrency and user credentials.
The malware targets 20 different extensions in the Google Chrome browser, including MetaMask, Coinbase Wallet, Trust Wallet, OKX Wallet, Bitget Wallet and Phantom. In parallel, StilachiRAT extracts and decrypts saved logins and passwords.
The trojan does not just infect devices, it actively profiles them. The malicious program collects information about the system, including hardware data, active RDP sessions and installed applications, and checks for connected cameras. In addition, user behavior is recorded, after which all of the information is sent to the command server.
One of the key threats posed by the malware is its ability to persist on the system by manipulating Windows. This allows attackers to keep control of the device for a long time and complicates detection and removal.
StilachiRAT connects to remote command servers over TCP ports 53, 443 and 16000. This gives the attackers the ability to run commands, including restarting the system, deleting logs and managing the registry. The trojan uses anti-forensic tactics to avoid detection, such as clearing event logs.
Microsoft emphasized that StilachiRAT poses a high risk. To reduce the likelihood of infection, it recommends downloading software from official sources, using web browsers that support SmartScreen, and enabling Safe Links for Office 365.
Microsoft Defender XDR users can refer to the list of detection names, including TrojanSpy:Win64/Stilachi.A, and use hunting queries to detect related activity in their networks.
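
As a network-side complement to those hunting queries, the following added example (not from Microsoft or from the original article) reviews connection records for the TCP ports named above. The log format, the approved resolver address, the internal range and the sample records are all constructed assumptions.

```python
import csv
import io
import ipaddress
from collections import defaultdict

# Assumptions: the resolvers hosts may reach on port 53, and the internal range.
APPROVED_RESOLVERS = {"10.0.0.53"}
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]

# Constructed sample records: timestamp, source host, destination IP, protocol, port.
SAMPLE_LOG = """\
2025-03-18T09:00:01Z,ws-014,10.0.0.53,udp,53
2025-03-18T09:00:02Z,ws-014,203.0.113.40,tcp,53
2025-03-18T09:00:05Z,ws-014,203.0.113.40,tcp,16000
2025-03-18T09:01:10Z,ws-022,198.51.100.7,tcp,443
2025-03-18T09:02:30Z,ws-022,10.0.0.53,tcp,53
2025-03-18T09:03:00Z,ws-031,10.0.4.9,tcp,16000
"""

def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)

def classify(dst_ip, proto, port):
    """Return a reason string if the connection deserves review, else None."""
    if proto != "tcp":
        return None
    if port == 53 and dst_ip not in APPROVED_RESOLVERS:
        return "tcp/53 to non-approved resolver"
    if port == 16000 and not is_internal(dst_ip):
        return "tcp/16000 to external address"
    # tcp/443 alone is ordinary web traffic and is deliberately not flagged.
    return None

def hunt(log_text):
    """Map each source host to its sorted (destination, reason) findings."""
    findings = defaultdict(set)
    for _ts, host, dst, proto, port in csv.reader(io.StringIO(log_text)):
        reason = classify(dst, proto.lower(), int(port))
        if reason:
            findings[host].add((dst, reason))
    return {host: sorted(items) for host, items in findings.items()}

if __name__ == "__main__":
    for host, items in hunt(SAMPLE_LOG).items():
        for dst, reason in items:
            print(f"{host}: {dst} ({reason})")
```

A hit here is only a lead for review: the same host should then be checked against the endpoint detections mentioned above.
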
As a reminder, on December 16, 2024, a SlowMist researcher reported that the code of a macOS stealer trojan targeting bitcoin was available. According to the expert, the malware has become free and can be used by a large number of attackers.