Over 100,000 ChatGPT User Accounts on Dark Web

Over 100,000 ChatGPT User Accounts on Dark Web

In a world growing ever reliant on digital technologies and AI-based services, a significant cybersecurity incident has surfaced. Over 101,100 compromised OpenAI ChatGPT account credentials have found their way on illicit dark web marketplaces between June 2022 and May 2023. It’s a testament to the increasing threat that cybercrime poses to individual and business security worldwide.

The sheer volume of this breach is alarming, with the peak of available logs containing compromised ChatGPT accounts reaching a high of 26,802 in May 2023. Interestingly, the stolen credentials exhibit a diverse geographical distribution. India alone accounted for 12,632 stolen credentials, whereas other countries like Pakistan, Brazil, Vietnam, Egypt, the U.S., France, Morocco, Indonesia, and Bangladesh also saw a considerable number of compromised ChatGPT credentials.

The majority of logs containing compromised ChatGPT accounts have been breached by the notorious Raccoon info stealer, which was responsible for 78,348 cases.

Other significant players in this breach were Vidar and RedLine, which accounted for 12,984 and 6,773 breached accounts, respectively.

Information stealers, like Raccoon, Vidar, and RedLine, have gained popularity among cybercriminals for their ability to hijack passwords, cookies, credit cards, and other information from browsers, including cryptocurrency wallet extensions. Information stealers operate by collecting information from victims’ systems and sending it to a remote server controlled by the attacker. The stolen data includes passwords, credit card information, cookies, and browser history, among other things.

“Logs containing compromised information harvested by info stealers are actively traded on dark web marketplaces,” says Group-IB, highlighting the demand for such data among nefarious actors.

The Impact and Consequences of the Breach

The implications of the ChatGPT breach extend beyond the immediate victims. It also affects businesses that have integrated ChatGPT into their operations and regular users of the platform.

Many businesses are integrating AI technologies like ChatGPT into their operational flow. A breach of this magnitude not only poses a threat to their operational integrity but could also potentially compromise their customer data and trust

Individuals affected by the breach could face various threats, including identity theft, financial loss, and privacy invasion. Personal data, once in the wrong hands, can be misused in numerous ways.

Protecting Against Info Stealers and Future Breaches

Given the ever-increasing threat from information stealers and cybercrime in general, both businesses and individuals need to take proactive steps to protect their data.

Companies can employ practices such as regular security audits, employee cybersecurity training, and the use of two-factor authentication (2FA) to better protect their systems and data. Individuals can use unique, strong passwords for each account, use a reputable password manager, and regularly update their software and systems to safeguard against breaches.

 

Source

https://www.group-ib.com/media-center/press-releases/stealers-chatgpt-credentials/

https://thehackernews.com/2023/06/over-100000-stolen-chatgpt-account.html

Similar Stories,

Ransomware Group Strikes: A Major Bank in Spain

No Image - Over 100,000 ChatGPT User Accounts on Dark Web
May 21st, 2024

ISO 27002:2022

Copy link
Powered by Social Snap