ChatSAI
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Ranking: | 9,018 |
| Threat Level: | 20 % (Normal) |
| Infected Computers: | 137 |
| First Seen: | April 20, 2023 |
| Last Seen: | September 25, 2023 |
| OS(es) Affected: | Windows |
Upon analyzing the ChatSAI application, cybersecurity researchers discovered that it operates as a browser hijacker. This program alters the settings of a Web browser to promote the use of chatsai.nextjourneyai.com, an address belonging to a fake search engine. It is essential to note that users typically install PUPs (Potentially Unwanted Programs) and browser hijackers without realizing it. It is also clear that the developers of the dubious app are trying to take advantage of the current popularity and discourse around the AI chatbot application, ChatGPT.
ChatSAI Browser Hijacker will Take Control Over Essential Settings of Users' Web Browsers
The software application, ChatSAI, has been programmed to automatically set the default search engine, homepage, and new tab of a user's Web browser to chatsai.nextjourneyai.com. This website, however, is a fake search engine and does not provide genuine search results. Instead, it initiates a redirect chain that leads users to another search engine, gsearch.co, through track.clickcrystal.com.
Using such shady search engines may expose users to various risks, such as malware infections, identity theft, inaccurate and misleading information, violation of privacy, and the tracking of search history. It is crucial to opt for trustworthy and reputable search engines to ensure the protection of personal information and to get accurate search results.
Some hijackers may be utilize persistence techniques and reinstall themselves even after being removed, making it difficult for users to permanently get rid of them. This can cause frustration and make users feel like they have lost control of their web browser.
PUPs and Browser Hijackers Try to Hide Their Installation from Users via Dubious Tactics
The distribution of PUPs and browser hijackers can occur through various methods, including software bundling, fake updates, social engineering, and unsafe websites.
One of the most prevalent methods is software bundling, where the PUP or browser hijacker is packaged with a legitimate software program that the user intends to download and install. Often, users may unknowingly agree to install these additional programs during the installation process, leading to the installation of unwanted software.
Another method is fake updates, where users are prompted to download and install a software update or patch, but the update itself is an unwanted program that installs the PUP or browser hijacker on the user's system.
Social engineering tactics are also used to trick users into installing PUPs and browser hijackers. This can include the use of misleading advertisements, fake download buttons, or pop-up windows that urge users to install software or provide personal information.
Lastly, untrustworthy websites can also distribute PUPs and browser hijackers. These websites may prompt users to install software or offer downloads that contain malware, leading to the installation of unwanted software on the user's system.
