ChainCatcher 消息，据 Cointelegraph 报道，科技巨头微软发现了一种新型远程访问木马（RAT），该木马专门针对 Google Chrome 浏览器中的 20 种加密货币钱包扩展程序，窃取其中的加密资产。 微软事件响应团队在 3 月 17 日的博客文章中透露，他们去年 11 月首次检测到这款名为 StilachiRAT 的恶意软件。该软件能够窃取存储在浏览器中的凭证、数字钱包信息以及剪贴板数据。部署后，攻击者可利用 StilachiRAT 扫描 20 种加密货币钱包扩展程序的配置信息，从而窃取加密钱包数据，这些钱包包括 Coinbase Wallet、Trust Wallet、MetaMask 和 OKX Wallet 等。 微软分析指出：“对包含 RAT 功能的 StilachiRAT 的 WWStartupCtrl64.dll 模块的研究表明，它采用了多种手段从目标系统中窃取信息。”除其他功能外，该恶意软件还能提取保存在 Google Chrome 本地状态文件中的凭证，并监控剪贴板活动以获取密码和加密密钥等敏感信息。它还具备检测规避和反取证功能，例如清除事件日志和检查是否在沙箱中运行，以阻止分析尝试。 目前，微软尚无法确定该恶意软件的幕后黑手，但希望通过公开分享信息减少潜在受害者数量。微软建议用户采取措施避免成为恶意软件的受害者，包括在设备上安装防病毒软件、基于云的反钓鱼和反恶意软件组件。

ChainCatcher 消息，据 Cointelegraph 报道，科技巨头微软发现了一种新型远程访问木马（RAT），该木马专门针对 Google Chrome 浏览器中的 20 种加密货币钱包扩展程序，窃取其中的加密资产。微软事件响应团队在 3 月 17 日的博客文章中透露，他们去年 11 月首次检测到这款名为 StilachiRAT 的恶意软件。该软件能够窃取存储在浏览器中的凭证、数字钱包信息以及剪贴板数据。部署后，攻击者可利用 StilachiRAT 扫描 20 种加密货币钱包扩展程序的配置信息，从而窃取加密钱包数据，这些钱包包括 Coinbase Wallet、Trust Wallet、MetaMask 和 OKX Wallet 等。微软分析指出：“对包含 RAT 功能的 StilachiRAT 的 WWStartupCtrl64.dll 模块的研究表明，它采用了多种手段从目标系统中窃取信息。”除其他功能外，该恶意软件还能提取保存在 Google Chrome 本地状态文件中的凭证，并监控剪贴板活动以获取密码和加密密钥等敏感信息。它还具备检测规避和反取证功能，例如清除事件日志和检查是否在沙箱中运行，以阻止分析尝试。目前，微软尚无法确定该恶意软件的幕后黑手，但希望通过公开分享信息减少潜在受害者数量。微软建议用户采取措施避免成为恶意软件的受害者，包括在设备上安装防病毒软件、基于云的反钓鱼和反恶意软件组件。

微软警告称发现针对加密钱包的新型远程访问木马

Here is the English translation, with the content inside <> not translated:

ChainCatcher news, according to Cointelegraph, tech giant Microsoft has discovered a new remote access trojan (RAT) that specifically targets 20 cryptocurrency wallet extensions in the Google Chrome browser, stealing the crypto assets within. The Microsoft Incident Response team revealed in a blog post on March 17 that they first detected this malware, named StilachiRAT, in November last year. The software is capable of stealing credentials, digital wallet information, and clipboard data stored in the browser. Once deployed, the attackers can use StilachiRAT to scan the configuration information of 20 cryptocurrency wallet extensions, allowing them to steal wallet data, including Coinbase Wallet, Trust Wallet, MetaMask, and OKX Wallet.

Microsoft's analysis indicates that "research on the StilachiRAT's WWStartupCtrl64.dll module, which contains RAT functionality, shows that it employs various means to steal information from the target system." In addition to other features, the malware can extract credentials saved in Google Chrome's local state files and monitor clipboard activity to obtain sensitive information such as passwords and encryption keys. It also has evasion and anti-forensic capabilities, such as clearing event logs and checking if it is running in a sandbox, to prevent analysis attempts.

At this time, Microsoft is unable to determine the perpetrators behind this malware, but hopes to reduce the number of potential victims by publicly sharing the information. Microsoft recommends that users take measures to avoid becoming victims of malware, including installing antivirus software, cloud-based anti-phishing, and anti-malware components on their devices.

According to a report by Cointelegraph, tech giant Microsoft has discovered a new remote access trojan (RAT) that specifically targets 20 cryptocurrency wallet extensions in the Google Chrome browser, stealing the crypto assets within.Microsoft's Incident Response team revealed in a blog post on March 17 that they first detected this malware, named StilachiRAT, in November last year. The software is capable of stealing credentials, digital wallet information, and clipboard data stored in the browser. Once deployed, the attackers can use StilachiRAT to scan the configuration information of 20 cryptocurrency wallet extensions, allowing them to steal wallet data, including Coinbase Wallet, Trust Wallet, MetaMask, and OKX Wallet.Microsoft's analysis indicates that the "WWStartupCtrl64.dll" module of StilachiRAT, which contains the RAT functionality, employs various means to steal information from the target system. In addition to other features, the malware can extract credentials saved in Google Chrome's local state files and monitor clipboard activity to obtain sensitive information such as passwords and encryption keys. It also has evasion and anti-forensic capabilities, such as clearing event logs and checking if it is running in a sandbox, to prevent analysis attempts.Microsoft is currently unable to determine the perpetrators behind this malware but hopes to reduce the number of potential victims by publicly sharing the information. The company recommends that users take measures to avoid becoming victims of malware, including installing antivirus software, cloud-based anti-phishing, and anti-malware components on their devices.

Microsoft warns of new remote access Trojan targeting crypto wallets

At around 3:00 AM Beijing time on March 20th, Federal Reserve Chairman Jerome Powell delivered a speech at a press conference following the FOMC (Federal Open Market Committee) meeting, revealing the latest monetary policy developments to the market. At the same time, a major news item emerged: US President Donald Trump will deliver a speech at the Digital Asset Summit (DAS) tomorrow (March 20th), and according to intelligence at 4:34 AM, he will announce a "major update" to his cryptocurrency strategy at the event. This is the first time the current US President has appeared at a cryptocurrency conference. Driven by this series of events, the price of Bitcoin surged sharply today...

The Fed’s “prelude to easing monetary policy” + Trump’s “major update”, is Bitcoin’s return to 87,000 just an appetizer?

The market has become a game of "musical chairs", have we not forgotten the original beliefs of this industry?

There is no long-termism in the crypto

ZachXBT has just posted an investigation revealing the identity of a mysterious Hyperliquid whale. This whale is said to have earned around $20 million from x40, x50 leveraged trades in just a few weeks...

Microsoft warns of new remote access Trojan targeting crypto wallets

Download app to participate in rewarding events