
StilachiRAT: A New Trojan Targeting Crypto Wallets

Key Takeaways:

  • A newly identified Trojan known as StilachiRAT steals login credentials from cryptocurrency wallets such as MetaMask and Coinbase Wallet.
  • It operates in stealth mode, wiping system logs to avoid detection.
  • The security research team of Aurora Labs announced the threat, which affects over 20 browser-based crypto wallets and can jeopardize digital assets.
  • The burden still falls on users to properly secure their accounts: enabling 2FA, keeping software updated, and avoiding links from strangers, to name a few.

What is StilachiRAT?

A recently discovered remote access Trojan, known as StilachiRAT, appears to be especially dangerous malware aimed at the world’s cryptocurrency users. Microsoft recently warned about it; it targets browser-based crypto wallets, with a focus on Google Chrome extensions.

How StilachiRAT Works

StilachiRAT’s deployment and data collection process is also stealthy. It goes on to:

  • Install clipboard scrapers to log things like copied passwords, seed phrases, or private keys.
  • Clear system logs, making security software unable to detect it.

Hackers have used techniques ranging from phishing emails to malicious downloads and fake software updates to spread the malware. Once inside a system, it remains dormant and collects sensitive information, which is later sent to cybercriminals.
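
Clearing a Windows event log leaves its own record: event ID 1102 in the Security log, or 104 in the System log when another log is cleared. The following added example (not from the original article or from Microsoft's report) scans exported event XML for those records, assuming a Windows host; the sample events, host name and account are constructed.

```python
import xml.etree.ElementTree as ET

# Log-clear records written by the Microsoft-Windows-Eventlog provider:
# 1102 = Security audit log cleared, 104 = another log cleared (recorded in System).
CLEAR_IDS = {"1102", "104"}
PROVIDER = "Microsoft-Windows-Eventlog"

# Constructed sample shaped like `wevtutil qe <log> /f:xml` output, wrapped in one root.
SAMPLE = """<Events>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
 <System><Provider Name="Microsoft-Windows-Eventlog"/><EventID>1102</EventID>
  <TimeCreated SystemTime="2025-01-01T10:00:00.000Z"/><Channel>Security</Channel>
  <Computer>WS01.example.test</Computer></System>
 <UserData><LogFileCleared xmlns="http://manifests.microsoft.com/win/2004/08/windows/eventlog">
  <SubjectUserName>alice</SubjectUserName><SubjectDomainName>EXAMPLE</SubjectDomainName>
 </LogFileCleared></UserData>
</Event>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
 <System><Provider Name="Microsoft-Windows-Eventlog"/><EventID>104</EventID>
  <TimeCreated SystemTime="2025-01-01T10:00:02.000Z"/><Channel>System</Channel>
  <Computer>WS01.example.test</Computer></System>
 <UserData><LogFileCleared xmlns="http://manifests.microsoft.com/win/2004/08/windows/eventlog">
  <SubjectUserName>alice</SubjectUserName><SubjectDomainName>EXAMPLE</SubjectDomainName>
  <Channel>Application</Channel></LogFileCleared></UserData>
</Event>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
 <System><Provider Name="Service Control Manager"/><EventID>7036</EventID>
  <TimeCreated SystemTime="2025-01-01T10:00:05.000Z"/><Channel>System</Channel>
  <Computer>WS01.example.test</Computer></System>
</Event>
</Events>"""

def find_log_clears(xml_text):
    """Return one dict per log-clear event: time, host, cleared log, account."""
    hits = []
    for event in ET.fromstring(xml_text):
        f = {}
        for el in event.iter():
            name = el.tag.rsplit("}", 1)[-1]  # drop the XML namespace prefix
            if name in ("Provider", "TimeCreated"):
                f[name] = el.get("Name") or el.get("SystemTime")
            elif el.text and el.text.strip():
                f[name] = el.text.strip()  # later wins: 104's UserData Channel names the cleared log
        if f.get("Provider") == PROVIDER and f.get("EventID") in CLEAR_IDS:
            hits.append({"time": f.get("TimeCreated"), "host": f.get("Computer"), "log": f.get("Channel"),
                         "account": f"{f.get('SubjectDomainName')}\\{f.get('SubjectUserName')}"})
    return hits
```

Because the clear record is written into the log that was just emptied, this check is most useful on events forwarded to a central collector before the clear happens.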

The Real Reason Crypto Wallets Are a Target of Choice

StilachiRAT targets more than 20 commonly used crypto wallets, including MetaMask, Coinbase Wallet, Trust Wallet, TronLink, BNB Chain, Bitget, OKX, Sui, Manta, Phantom, and others.

Cybercriminals target crypto wallets because cryptocurrency transactions are irreversible, which gives them a prime motivation for their efforts. Unlike traditional bank transactions, digital assets have no chargebacks, which means that the moment a crypto transfer has been made to a hacker’s address, there’s no way to get those funds back.

Additionally, a large portion of users do not have good security practices in place, which makes it easier for malware such as StilachiRAT to steal from them without their knowledge.

The Dangers of Cyber Attacks Using Cryptocurrency Are Growing

StilachiRAT, the crypto-jacking malware, is another recent entry in a string of global cyber attacks on cryptocurrency. Over the past few years, crypto hacks have grown in scale and sophistication, leading to billions of dollars in stolen funds.

StilachiRAT: How to protect yourself?

Configure Two-Factor Authentication (2FA)

2FA adds an additional level of security to your accounts. Even if a hacker manages to steal your password, they won’t be able to log in without the second step of authentication.

Never Click On Unfamiliar Links and Emails

Phishing is one of the most common ways hackers attack, and malware often spreads this way. Do not open email attachments from anyone you do not know or click on unfamiliar links.

For Large Holdings, Use A Hardware Wallet

Use a hardware wallet (cold storage) instead of browser-based wallets, especially if you have a large quantity of crypto. These wallets live offline and are therefore inaccessible to online attacks.

Monitor Your Transactions Regularly

Check your crypto transactions and account activity frequently so you can detect and respond to any unauthorized account access as soon as possible. If you notice something unusual, secure your accounts right away.

A reminder to tread carefully in the crypto space

Malware like StilachiRAT is an effective reminder to crypto users that prevention is still a better choice than reacting to an already-breached network. With the cost of entry into digital assets getting higher, making them a prime target for hackers, cybercriminals will always innovate and come up with new ways to steal funds.

By the way, good luck out there in the crypto world, and remember: knowledge is your best weapon!


This article first appeared at CryptoNinjas


Written by Outside Source
