Microsoft has alerted a Trojan who acts from Chrome in Windows with the aim of collecting information about the infected equipment and stealing cryptocurrencies and access credentials stored in the Google browser.
Stilachirat is a remote access Trojan that Microsoft Incident Response researchers detected in November last year and that, despite the follow -up, they have not yet managed to attribute to any specific actor or geolocation.
The company highlights Stilachirat its stealth capabilities and the use of various methods to steal information from the target system, and warns that it can end up installed in the team “through various vectors”, as ‘software’ tools or updates that simulate being legitimate or come from unofficial or reliable sources.
Microsoft recommends using Edge
Its objective is the theft of information from the infected Windows team, as Microsoft explains in its official blog. From the Chrome browser collects system information (operating system, active remote desktop protocol and user graphic interface applications in execution), of the digital wallet, of the saved credentials and the clipboard.
The connection with a remote server allows the execution of remote commands, for example, to execute the theft of information and extract it from the equipment, as well as to eliminate the records that betray its presence, and to make a lateral movement by the system.
Microsoft recommends using Edge instead of Chrome to avoid Stilachirat’s threat, and use their own security tools, which are able to detect this Trojan.
#Microsoft #warns #Trojan #steals #computer #information #saved #passwords #Chrome
