Summary: Microsoft has revealed details about StilachiRAT, a stealthy malware designed to steal sensitive data from compromised machines by profiling systems, monitoring clipboard content, and extracting credentials from cryptocurrency wallets. Though not widely distributed, the malware exhibits advanced evasion techniques and persistence mechanisms. Microsoft has not linked it to any specific threat group or country as of now.
Affected: Organizations and individuals using vulnerable Windows systems
Keypoints :
- StilachiRAT is a remote access trojan (RAT) observed by Microsoftβs incident response team since November 2024.
- The malware collects system information and targets cryptocurrency wallet configurations in Chrome.
- Advanced evasion tactics include anti-forensic behavior, API obfuscation, and persistence methods through Windows service control management.
Source: https://www.securityweek.com/microsoft-warns-of-new-stilachirat-malware/