Analysis by: Leidryn Saludez
ALIASES:

Trojan:JS/ChatGPTStealer.GVA!MTB (MICROSOFT)

 PLATFORM:

Windows

 OVERALL RISK RATING:
 DAMAGE POTENTIAL:
 DISTRIBUTION POTENTIAL:
 REPORTED INFECTION:
 SYSTEM IMPACT RATING:
 INFORMATION EXPOSURE:

  • Threat Type: Trojan Spy

  • Destructiveness: No

  • Encrypted: No

  • In the wild: Yes

  OVERVIEW

This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

It does not have any propagation routine.

It does not have any backdoor routine.

It connects to certain websites to send and receive information.

  TECHNICAL DETAILS

File Size: 10,824 bytes
File Type: JS
Memory Resident: No
Initial Samples Received Date: 13 Jan 2026
Payload: Connects to URLs/IPs, Collects system information

Arrival Details

This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

Propagation

This Trojan Spy does not have any propagation routine.

Backdoor Routine

This Trojan Spy does not have any backdoor routine.

Rootkit Capabilities

This Trojan Spy does not have rootkit capabilities.

Information Theft

This Trojan Spy gathers the following data:

  • System Information:
    • Victim UUID
    • Browser tab URLs
    • Tab activation timestamps
    • Page load timestamps
  • ChatGPT Conversation Data:
    • Complete conversation histories
    • User questions
    • AI-generated answers
    • Session identifiers
  • Browser Activity:
    • All visited URLs
    • Tab switching activity
    • Page navigation events
    • Real-time browsing patterns

Stolen Information

This Trojan Spy sends the gathered information via HTTP POST to the following URL:

  • https://{BLOCKED}s.com/ext/aimodel

Other Details

This Trojan Spy connects to the following website to send and receive information:

  • https://{BLOCKED}s.com/ext/chatstatus

It does the following:

  • It stores the following data disguised as a legitimate ChatGPT-related code in Chrome local storage:
    • GPT Chat ID → Victim UUID for tracking
    • GPT Flag Value → Master enable/disable flag
    • Timestamp → Last exfiltration timestamp
    • Save Stored Data → Browsing data buffer (base64-encoded)
    • GPT Content → ChatGPT conversation buffer (base64-encoded)
  • It uses extension persistence hook to initialize the malware on first install or update, generating a victim UUID and sending an installation beacon to the C2 server.
  • It monitors all browser tab activity in real-time.
  • It exfiltrates data every 30 minutes via POST requests.
  • It clears local storage after successful exfiltration.
  • It uses debounced callbacks to avoid detection.

It does not exploit any vulnerability.

  SOLUTION

Minimum Scan Engine: 9.800
FIRST VSAPI PATTERN FILE: 20.718.03
FIRST VSAPI PATTERN DATE: 21 Jan 2026
VSAPI OPR PATTERN File: 20.719.00
VSAPI OPR PATTERN Date: 22 Jan 2026

Step 1

Before doing any scans, Windows 7, Windows 8, Windows 8.1, and Windows 10 users must disable System Restore to allow full scanning of their computers.

Step 2

Scan your computer with your Trend Micro product to delete files detected as TrojanSpy.JS.CHATGPTSTEALER.A. If the detected files have already been cleaned, deleted, or quarantined by your Trend Micro product, no further step is required. You may opt to simply delete the quarantined files. Please check the following Trend Micro Support pages for more information:


Did this description help? Tell us how we did.