Microsoft Raises Alarm of Malware Targeting Coinbase, MetaMask Wallets

By Margaux Nijkerk | Edited by Stephen

A new report from Microsoft researchers warned of malware that could steal and decrypt users’ information from 20 of the most popular cryptocurrency wallets.

Microsoft shareholders voted against adding bitcoin to its company's treasury. (Photo by Craig T Fruchtman/Getty Images)

What to know:

  • Tech giant Microsoft shared a new report warning of malware that targets 20 of the most popular cryptocurrency wallets used as Google Chrome extensions.
  • The malware, dubbed StilachiRAT, could deploy “sophisticated techniques to evade detection, persist in the target environment, and exfiltrate sensitive data.”
  • The malware has not been distributed widely, and Microsoft said it has not been able to identify what entity is behind the threat.

Tech giant Microsoft shared a new report warning of malware that targets 20 of the most popular cryptocurrency wallets used as Google Chrome extensions.

Microsoft’s Incident Response researchers raised alarms about a new remote access trojan (RAT), dubbed StilachiRAT, which could deploy “sophisticated techniques to evade detection, persist in the target environment, and exfiltrate sensitive data,” the team shared in a blog post.

According to the team, the malware was discovered in November 2024, and it could steal users’ wallet information as well as any credentials, including usernames and passwords, stored in their Google Chrome browser. StilachiRAT targets 20 crypto wallets, including some of the most widely used ones such as MetaMask, Coinbase Wallet, Phantom, OKX Wallet, and BNB Chain Wallet.

The malware has not been distributed widely, and Microsoft said it has not been able to identify what entity is behind the threat. The company laid out mitigation guidelines for current targets, including installing antivirus software.

“Due to its stealth capabilities and the rapid changes within the malware ecosystem, we are sharing these findings as part of our ongoing efforts to monitor, analyze, and report on the evolving threat landscape,” the team wrote.

Margaux Nijkerk

Margaux Nijkerk reports on the Ethereum protocol and L2s. A graduate of Johns Hopkins and Emory universities, she has a masters in International Affairs & Economics. She holds BTC and ETH above CoinDesk’s disclosure threshold of $1,000.
