CyberSecurity news
Microsoft Incident@Microsoft Security Blog
Microsoft's Incident Response team has uncovered a novel remote access trojan (RAT) named StilachiRAT, which employs sophisticated techniques to evade detection and steal sensitive data. Discovered in November 2024, StilachiRAT demonstrates advanced methods to remain undetected, persist in the targeted environment, and exfiltrate valuable information. The malware is capable of gathering system information, stealing credentials stored in browsers, targeting cryptocurrency wallets, and using command-and-control connectivity for remote execution.
The RAT scans for configuration data of 20 different cryptocurrency wallet extensions for the Google Chrome browser and extracts credentials from the browser, indicating its focus on cryptocurrency theft and credential compromise. It establishes communication with remote command-and-control (C2) servers to execute commands, manipulate registry settings, and clear logs, making it challenging to detect and remove. Microsoft advises users to download software from official sources, use web browsers with SmartScreen support, and enable Safe Links and Safe Attachments for Office 365 to prevent StilachiRAT infections.
References:
- bsky.app: Microsoft has discovered a new remote access trojan (RAT) that employs "sophisticated techniques" to avoid detection, ensure persistence, and extract sensitive information data.
- BleepingComputer: Microsoft: New RAT malware used for crypto theft, reconnaissance
- Microsoft Security Blog: StilachiRAT analysis: From system reconnaissance to cryptocurrency theft
- BleepingComputer: Microsoft has discovered a new remote access trojan (RAT) that employs "sophisticated techniques" to avoid detection, ensure persistence, and extract sensitive information data.
- hackread.com: StilachiRAT: Sophisticated malware targets crypto wallets & credentials. Undetected, it maps systems & steals data. Microsoft advises strong security measures.
- Virus Bulletin: Microsoft researchers uncovered a novel remote access trojan (RAT) named StilachiRAT that demonstrates sophisticated techniques to evade detection, persist in the target environment, and exfiltrate sensitive data.
- securityaffairs.com: New StilachiRAT uses sophisticated techniques to avoid detection
- The DefendOps Diaries: Understanding StilachiRAT: A New Cyber Threat Targeting Cryptocurrency
- CyberInsider: Microsoft Uncovers New Stealthy Malware ‘StilachiRAT’ Targeting User Data
- The Hacker News: Microsoft Warns of StilachiRAT: A Stealthy RAT Targeting Credentials and Crypto Wallets
- Tech Monitor: New remote access trojan ‘StilachiRAT’ identified
- Help Net Security: Stealthy StilachiRAT steals data, may enable lateral movement
- www.techradar.com: Microsoft warns of a devious new RAT malware which can avoid detection with apparent ease
- The Record: A previously unreported remote access trojan that Microsoft researchers dubbed StilachiRAT is designed to steal a wide range of data, including information about cryptocurrency wallet extensions for Google's Chrome browser.
- Blog: New ‘StilachiRAT’ found scurrying in crypto wallets
- BleepingComputer: Detailed technical analysis of the StilachiRAT malware and its operational capabilities.
- securityonline.info: Microsoft Uncovers Sophisticated StilachiRAT Malware
- Sophos X-Ops: Microsoft has discovered a new remote access trojan (RAT) dubbed StilachiRAT, which uses sophisticated techniques to avoid detection.
- Cyber Security News: Microsoft has recently issued a warning about a novel remote access trojan (RAT) known as StilachiRAT, which has been discovered to possess sophisticated capabilities for evading detection and stealing sensitive data. This malware was identified by Microsoft Incident Response researchers in November 2024 and is notable for its ability to target Remote Desktop Protocol (RDP) […]
Classification:
- HashTags: #StilachiRAT #RemoteAccessTrojan #Cybersecurity
- Company: Microsoft
- Target: Chrome Users, Cryptocurrency Wallets
- Attacker: Microsoft
- Product: Windows
- Feature: Evasion Techniques
- Malware: StilachiRAT
- Type: Malware
- Severity: Major