APT / THREAT GROUP
ChrGetPdsi Stealer
2
aliases
Last seen:Mar 17, 2026
Intelligence Profile
ChrGetPdsi is a basic infostealer written in Golang which is designed to steal browser history and logins, and targets Chrome, Edge, and Firefox. The output is written to a text file named chrgetpdsi.txt. Based on the samples analysed, the malware does not appear to have networking capabilities, and therefore it is likely that it is intended to be used in a post-compromise situation where the attacker already has access to the target system and can retrieve the created output file via other means.ChrGetPdsi has been observed being deployed by the Broomstick malware.
Threat Analysis
ChrGetPdsi Stealer is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.
External References
Quick Facts
TypeAPT / Threat Group
Aliases2
Also Known As
ChrGetPdsi Stealerwin.chrgetpdsi_stealer
External Intelligence
Malpedia: win.chrgetpdsi_stealerResearch Links
Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.