APT / THREAT GROUP

ChrGetPdsi Stealer

Aliases: 2
Last seen: Mar 17, 2026

Intelligence Profile

ChrGetPdsi is a basic infostealer written in Golang that is designed to steal browser history and logins, targeting Chrome, Edge, and Firefox. It writes its output to a text file named chrgetpdsi.txt. Based on the samples analysed, the malware does not appear to have networking capabilities, so it is likely intended for post-compromise use, where the attacker already has access to the target system and can retrieve the output file by other means. ChrGetPdsi has been observed being deployed by the Broomstick malware.

Threat Analysis

ChrGetPdsi Stealer is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations; its primary motivation and activity patterns are unknown.

Quick Facts

Type: APT / Threat Group
Aliases: 2

Also Known As

ChrGetPdsi Stealer
win.chrgetpdsi_stealer

External Intelligence

Malpedia: win.chrgetpdsi_stealer

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.