On March 18, Microsoft discovered a new remote access Trojan (RAT) that specifically targets 20 cryptocurrency wallet extensions in the Google Chrome browser, stealing the encrypted assets within. The Microsoft Incident Response team revealed that they first detected this malware, called StilachiRAT, in November last year. The software is capable of stealing credentials, digital wallet information, and clipboard data stored in the browser. After deployment, the attackers can use StilachiRAT to scan the configuration information of 20 cryptocurrency wallet extensions, thereby stealing the cryptocurrency wallet data, including Coinbase Wallet, Trust Wallet, MetaMask, and .