Microsoft Raises Alarm of Malware Targeting Coinbase, MetaMask Wallets

A new report from Microsoft researchers warned of malware that could steal and decrypt users’ information from 20 of the most popular cryptocurrency wallets.

Updated Mar 18, 2025, 6:34 p.m. Published Mar 18, 2025, 3:05 p.m.

What to know:

  • Tech giant Microsoft shared a new report warning of malware that targets 20 of the most popular cryptocurrency wallets used as Google Chrome extensions.
  • The malware, dubbed StilachiRAT, could deploy “sophisticated techniques to evade detection, persist in the target environment, and exfiltrate sensitive data.”
  • While the malware has not been distributed widely, Microsoft said it has not been able to identify what entity is behind the threat.

Tech giant Microsoft shared a new report warning of malware that targets 20 of the most popular cryptocurrency wallets used as Google Chrome extensions.

Microsoft’s Incident Response researchers raised alarms about a new remote access trojan (RAT), dubbed StilachiRAT, which could deploy “sophisticated techniques to evade detection, persist in the target environment, and exfiltrate sensitive data,” the team shared in a blog post.

According to the team, the malware was discovered in November 2024. It could steal users' wallet information and any credentials, including usernames and passwords, stored in their Google Chrome browser. StilachiRAT targets 20 crypto wallets, including some of the most widely used ones, such as MetaMask, Coinbase Wallet, Phantom, OKX Wallet, and BNB Chain Wallet.

While the malware has not been distributed widely, Microsoft said it has not been able to identify what entity is behind the threat. It also laid out some mitigation guidelines for current targets, including installing antivirus software.

“Due to its stealth capabilities and the rapid changes within the malware ecosystem, we are sharing these findings as part of our ongoing efforts to monitor, analyze, and report on the evolving threat landscape,” the team wrote.
