
Microsoft identifies new RAT targeting cryptocurrency wallets and more

Microsoft has identified a previously unknown remote access trojan (RAT), which it calls StilachiRAT, that uses advanced techniques to evade detection and maintain persistence on infected systems.

The malware is designed to steal a wide range of sensitive data, including configuration files from 20 cryptocurrency wallet extensions for the Google Chrome browser. The targeted wallets include MetaMask, Coinbase Wallet, Trust Wallet and TronLink.

StilachiRAT can also extract and decrypt stored credentials from Chrome, giving attackers access to saved usernames and passwords, Microsoft said.

In addition to stealing credentials, the malware collects extensive system information, monitors terminal activity for sensitive data such as passwords and cryptocurrency keys, and tracks active windows and applications, the report says.

To avoid detection, StilachiRAT clears system logs and checks the computer's settings before executing commands.

Microsoft has not attributed the malware to a known threat actor or a geographical region, and its distribution seems to be limited at this stage. However, the researchers decided to share their findings because of the malware's stealth and its ability to collect a wide range of data.

StilachiRAT can carry out a variety of commands received from its command-and-control (C2) server. These include restarting the system, clearing logs, stealing credentials, launching applications and manipulating system windows.

The malware can also expose the system and change Windows registry settings, which highlights its potential for espionage and system manipulation, Microsoft said.
