Over 100,000 ChatGPT Account Credentials Leaked

As technology becomes more important in our lives, keeping our online information safe has become a top priority for people around the world. ChatGPT is a chatbot powered by OpenAI’s artificial intelligence, and it has become quite popular. However, there are worries about the security of ChatGPT and the possibility that users’ accounts could be compromised.

Quick facts:

  • More than 100,000 user credentials of ChatGPT were stolen and sold on the dark web.
  • In May 2023, information stealer logs showed a high point with 26,802 compromised ChatGPT accounts.
  • The breaches were primarily caused by notorious information stealers such as Raccoon, Vidar, and RedLine.

In a highly concerning development, a recent report by cybersecurity firm Group-IB has revealed that over 100,000 user credentials for OpenAI’s ChatGPT platform have been compromised and traded on illicit dark web marketplaces. This security breach, which took place between June 2022 and May 2023, has exposed the sensitive data of ChatGPT users to potential risks. Shockingly, India alone accounted for a staggering 12,632 stolen accounts.

The compromised credentials were discovered within information stealer logs that were made available for sale on the cybercrime underground. The report highlights that the number of these logs, containing compromised ChatGPT accounts, reached a peak of 26,802 in May 2023, indicating the alarming scale of the breach.

The Asia-Pacific region has emerged as the epicenter of this cybercrime spree, with a significant concentration of ChatGPT credentials being offered for sale over the past year. In addition to India, countries such as Pakistan, Brazil, Vietnam, Egypt, the United States, France, Morocco, Indonesia, and Bangladesh have also reported notable numbers of compromised accounts.

Info Stealers Target OpenAI ChatGPT Users

In a detailed analysis, Group-IB found that the majority of these breaches can be attributed to three well-known information stealers: Raccoon, Vidar, and RedLine. These malware families were responsible for compromising a significant number of ChatGPT accounts.

Raccoon stands out as the most prolific, having compromised an astounding 78,348 ChatGPT accounts. Vidar follows with 12,984 compromised accounts, while RedLine compromised 6,773.

Information stealers have gained popularity among cybercriminals due to their ability to effectively hijack sensitive data from web browsers. This includes stealing passwords, cookies, credit card details, and even cryptocurrency wallet extensions. Their proficiency in extracting such valuable information has made them attractive tools for cybercrime activities.

The stolen credentials are actively being traded on dark web marketplaces, creating a dangerous gateway for launching further attacks using the acquired information. This poses a significant risk, especially considering that ChatGPT is widely used by enterprises: employees often use the platform for classified correspondence or to optimize proprietary code.

A key concern highlighted by Dmitry Shestakov, head of threat intelligence at Group-IB, is that ChatGPT’s standard configuration retains all conversations. If threat actors obtain account credentials, that retained history could hand them a treasure trove of sensitive intelligence.

To protect against account takeover attacks, users are strongly advised to follow password hygiene best practices and secure their accounts with two-factor authentication (2FA). These security measures can significantly enhance the protection of user accounts.

Interestingly, this breach occurs in the midst of an ongoing malware campaign that takes advantage of fake OnlyFans pages and adult content lures. The attackers use this strategy to deliver a remote access trojan and an information stealer called DCRat (also known as DarkCrystal RAT). It’s worth noting that DCRat is a modified version of the infamous AsyncRAT. This demonstrates the complexity and sophistication of the current threat landscape.

OpenAI has not released any official statement regarding the breach, leaving ChatGPT users understandably worried about the security of their accounts and the potential exposure of their sensitive information.

This incident serves as a clear reminder for both individuals and organizations to stay vigilant and take proactive steps to safeguard their online accounts. It is crucial to prioritize security measures and adopt best practices to mitigate the risks associated with such breaches. 

By being proactive and cautious, users can significantly enhance their online security and protect themselves from potential threats.
