Microsoft Warns of StilachiRAT: A Stealthy RAT Targeting Credentials and Crypto Wallets
Briefly

Microsoft has disclosed StilachiRAT, a sophisticated remote access trojan that employs advanced evasion techniques to infiltrate systems and steal sensitive user data. Discovered in November 2024, the malware can retrieve information such as browser credentials, digital wallet details, and system configuration. It operates through a DLL module and collects data via COM-based interfaces using WMI Query Language (WQL). Additionally, it targets specific cryptocurrency wallet extensions in Google Chrome. While the delivery mechanisms of StilachiRAT remain unclear, Microsoft highlights the need for strong security practices to protect against this threat.
Microsoft has identified a sophisticated remote access trojan named StilachiRAT, designed to evade detection and persist in target systems while stealing sensitive information.
The malware collects information from the system, including browser credentials, digital wallet data, clipboard content, and critical system details, while relying on enhanced stealth features.
Discovered in November 2024, StilachiRAT's functionalities are embedded in a DLL module, showcasing advanced techniques for both persistence and undetected operation.
While specific delivery methods for StilachiRAT remain unclear, Microsoft stresses that organizations should implement robust security measures to close off potential access routes.
Read at The Hacker News