Microsoft Warns of New StilachiRAT Malware

Microsoft has detailed StilachiRAT, a remote access trojan that steals credentials saved in the browser and targets cryptocurrency-wallet extensions, a reminder that crypto users and the organizations that support them need stronger protection against credential theft.

Happy Thursday!

Welcome to Cycoresecure.io, your go-to partner for transforming security and compliance into effortless processes. Whether you're a startup or a growing tech company, we provide services to tackle your biggest security challenges, freeing you to focus on scaling your business with confidence. Let's secure your future together!

Make sure to follow our Cycore LinkedIn page and subscribe to receive updates on current events, trends, and industry news that matter to you.

In Today's Rundown

Let’s dive right in.

You're reading the Cycore Insights newsletter.

Get exclusive coverage of cybersecurity and privacy delivered once a week.

Image Source: TechRadar

What caught our attention: Microsoft Warns of New StilachiRAT Malware

Microsoft has alerted users to a new remote access trojan (RAT), StilachiRAT, built to steal sensitive data from compromised systems. Discovered by Microsoft's incident response researchers in November 2024, it is notable for its evasiveness and its persistence: it can reinstall itself after removal attempts. The warning matters less for the number of victims seen so far than for how much engineering went into stealth and data theft.

StilachiRAT collects detailed information about its host system. It checks Chrome for a list of cryptocurrency-wallet extensions, extracts usernames and passwords saved in the browser's credential store, and monitors the clipboard for sensitive strings such as passwords and cryptocurrency keys. Microsoft has observed only limited distribution so far, but stresses that malware of this kind can arrive through several vectors, including trojanized downloads and phishing emails.

The technical features are what make StilachiRAT worrying, particularly for cryptocurrency users. It monitors active RDP sessions and uses anti-forensic measures, such as clearing event logs and checking for analysis tools, to avoid detection. For individuals and organizations alike, the likely outcomes are direct financial loss and wider credential compromise, which makes baseline controls (patched browsers, hardware wallets for significant holdings, and alerting on log clearing and on newly installed services) worth revisiting.
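Two of the behaviours described above, persistence that survives removal and clearing of event logs, are visible in ordinary Windows event telemetry. The following is an added triage example written for this issue, not code from Microsoft's write-up or from the malware itself. It scans constructed sample event records and flags a service installed from a user-writable directory, the same service being installed more than once within a day (re-installation after removal), and event-log clearing, then escalates when persistence and log clearing occur on the same host. Event IDs 1102, 104 and 7045 are the standard Windows events for Security-log clearing, System-log clearing and service installation; the service name, paths and timestamps are invented, and the directory list is an assumption to tune for your environment.

```python
"""Added triage example: flag persistence and anti-forensic patterns in
Windows event records. Every sample event below is constructed, not real
telemetry."""
from collections import defaultdict
from dataclasses import dataclass

# Standard Windows event IDs (general knowledge, not indicators from the advisory).
AUDIT_LOG_CLEARED = 1102   # Security log: "The audit log was cleared"
SYSTEM_LOG_CLEARED = 104   # System log: "The System log file was cleared"
SERVICE_INSTALLED = 7045   # System log: "A service was installed in the system"

# Directories a legitimate service binary rarely runs from (assumption; tune per estate).
SUSPECT_DIRS = ("\\users\\", "\\programdata\\", "\\temp\\", "\\appdata\\")
REINSTALL_WINDOW_S = 24 * 3600   # same service name created twice within a day


@dataclass(frozen=True)
class Finding:
    host: str
    rule: str
    detail: str


def suspicious_service_path(image_path: str) -> bool:
    """True if the service binary lives under a user-writable directory."""
    path = image_path.lower().strip('"')
    return any(d in path for d in SUSPECT_DIRS)


def triage(records):
    """Return a list of Finding objects. Each record is a dict with host, ts,
    event_id and, for 7045 events, service and image_path."""
    findings = []
    installs = defaultdict(list)          # (host, service) -> [timestamps]
    hosts = set()
    for rec in records:
        host, eid = rec["host"], rec["event_id"]
        hosts.add(host)
        if eid == SERVICE_INSTALLED:
            installs[(host, rec["service"])].append(rec["ts"])
            if suspicious_service_path(rec.get("image_path", "")):
                findings.append(Finding(host, "service_in_user_writable_dir",
                                        f'{rec["service"]} -> {rec["image_path"]}'))
        elif eid in (AUDIT_LOG_CLEARED, SYSTEM_LOG_CLEARED):
            findings.append(Finding(host, "event_log_cleared",
                                    f'event {eid} on channel {rec.get("channel", "?")}'))
    # Re-installation: the same service name created again within the window,
    # consistent with malware that re-creates its service after removal.
    for (host, service), stamps in installs.items():
        stamps.sort()
        if len(stamps) >= 2 and stamps[-1] - stamps[0] <= REINSTALL_WINDOW_S:
            findings.append(Finding(host, "service_reinstalled",
                                    f"{service} installed {len(stamps)} times"))
    # Correlation: persistence plus log clearing on one host is the combination
    # worth escalating rather than triaging as two separate low-severity alerts.
    for host in sorted(hosts):
        rules = {f.rule for f in findings if f.host == host}
        if "event_log_cleared" in rules and rules & {"service_in_user_writable_dir",
                                                     "service_reinstalled"}:
            findings.append(Finding(host, "persistence_plus_log_clearing",
                                    "escalate: suspicious service and cleared logs"))
    return findings


SAMPLE_EVENTS = [   # constructed sample telemetry; names and paths are invented
    {"host": "ws01", "ts": 1700000000, "event_id": 7045, "service": "UpdaterSvc",
     "image_path": r"C:\Users\alice\AppData\Local\Temp\svchost.exe"},
    {"host": "ws01", "ts": 1700000300, "event_id": 1102, "channel": "Security"},
    {"host": "ws01", "ts": 1700000900, "event_id": 7045, "service": "UpdaterSvc",
     "image_path": r"C:\Users\alice\AppData\Local\Temp\svchost.exe"},
    {"host": "ws02", "ts": 1700001000, "event_id": 7045, "service": "Spooler2",
     "image_path": r"C:\Windows\System32\spoolsv.exe"},
    {"host": "ws02", "ts": 1700001500, "event_id": 104, "channel": "System"},
]

if __name__ == "__main__":
    for f in triage(SAMPLE_EVENTS):
        print(f"{f.host:5} {f.rule:32} {f.detail}")
```

In the sample data, ws01 trips all three rules and is escalated, while ws02 only shows a cleared System log (its new service runs from System32), so it surfaces as a single lower-priority finding. Feed the function real 7045/1102/104 records exported from your SIEM and adjust SUSPECT_DIRS to the paths your software deployment tooling legitimately uses.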

Source(s): Dark Reading; Microsoft Security Blog

Security, Privacy and Compliance Roundup

🔐 Security

  • Medusa Ransomware Expands Its Reach
    The FBI and CISA have warned that the Medusa ransomware group has hit more than 300 victims across critical infrastructure, government, and healthcare. Medusa affiliates gain access through phishing and exploitation of unpatched vulnerabilities, encrypt data, and then threaten to publish stolen files unless a ransom is paid (double extortion).

  • Cloudflare Enhances Quantum-Resistant Security
    Cloudflare is extending post-quantum cryptography across its Zero Trust Network Access product to protect traffic against "harvest now, decrypt later" attacks by future quantum computers. By mid-2025, Cloudflare plans to support quantum-resistant key exchange across all of its IP-based security protocols.

🛡️ Privacy

  • Hong Kong Introduces Cybersecurity Law for Critical Sectors
    The new law, which takes effect in 2026, requires operators in critical infrastructure sectors (finance, IT, energy, healthcare, and communications) to strengthen security controls and report incidents. Operators must conduct annual risk assessments and independent audits every two years, with fines for serious non-compliance of up to HK$5 million (about $640,000).

  • Facebook Discloses Exploited FreeType 2 Vulnerability
    Facebook has disclosed an out-of-bounds write in FreeType 2 (CVE-2025-27363) that can lead to arbitrary code execution when a malicious font is parsed, and reports that it may have been exploited in the wild. Versions 2.13.0 and earlier are affected; the fix shipped in 2.13.1, and users are urged to update to the current 2.13.3 release. Because FreeType is bundled into many applications and platforms, check embedded copies as well as the system library.

📜 Compliance

  • Google Acquires Wiz for $32 Billion to Boost Cloud Security
    Google has announced an agreement to acquire Wiz, a cybersecurity firm specializing in cloud and multicloud security, for $32 billion, the largest deal in Google's history. The move is expected to strengthen Google's ability to secure enterprise cloud workloads and to integrate AI-driven security tooling.

  • Fort Bend Public Library Approves $2.6M for Cybersecurity Enhancement

    After experiencing prolonged network disruptions affecting online services, the Fort Bend County Commissioners Court allocated $2.6 million to multiple cybersecurity firms. Library officials confirmed that no personal information was leaked, and the incident prompted stronger cybersecurity measures for future risk mitigation.

Let's Build Trust

Work with us or follow along:

  1. Cycore builds enterprise-grade security, privacy and compliance programs for the modern organization. Partner with us.

  2. Follow us on LinkedIn for security, privacy & compliance updates!

  3. How else can we help? Feedback? Have a question? Reply to this email.

  4. Know someone who would like this email? Forward it to a friend...

Your security & compliance ally,
Cycore Team