Over 100,000 ChatGPT Accounts' Data Breached and Sold on the Dark Web
Startling revelations have emerged regarding the security of ChatGPT accounts, as cybersecurity firm Group-IB reports a significant data breach affecting over 100,000 user credentials. According to Group-IB's research, these compromised accounts are now being traded on illicit dark web marketplaces, raising concerns about the safety of user information.
Group-IB, a leading global cybersecurity company based in Singapore, uncovered a staggering 101,134 infected devices harboring ChatGPT credentials.
The investigation revealed that the Asia-Pacific region was hit the hardest, accounting for 40.5% of the stolen ChatGPT accounts between June 2022 and May 2023. The United States, Vietnam, Brazil, and Egypt also experienced a high number of compromised accounts.
By analyzing the logs of info-stealing malware traded on dark web marketplaces, Group-IB's Threat Intelligence platform identified the compromised credentials. The situation reached its peak in May 2023, with 26,802 accounts falling victim to these malicious activities, leaving users in a state of alarm.
Group-IB emphasized the growing integration of ChatGPT in business communications and software development, which in turn leads to the sharing of sensitive information on the platform. Consequently, it becomes an attractive target for malicious actors seeking illegal gains. Moreover, the rising prominence of ChatGPT accounts in diverse underground communities has made them an irresistible target for cybercriminals.
Group-IB's analysis of these communities highlighted that a significant number of breached ChatGPT accounts were attributed to a notorious info-stealing hacker known as "Raccoon." Other malware, such as Vidar and Redline, were also identified as having compromised a considerable number of hosts with ChatGPT access.
Info-stealing hackers deploy malware designed to collect credentials, including those saved in browsers, bank card details, crypto wallet information, cookies, and browsing history. This data is then transmitted to the malware operator. Operating indiscriminately, this type of malware targets as many computers as possible to amass vast amounts of sensitive information.
Dmitry Shestakov, Head of Threat Intelligence at Group-IB, expressed the gravity of the situation, stating, "Many enterprises are integrating ChatGPT into their operational flow. Employees enter classified correspondences or use the bot to optimize proprietary code. Given that ChatGPT's standard configuration retains all conversations, this could inadvertently offer a trove of sensitive intelligence to threat actors if they obtain account credentials. At Group-IB, we are continuously monitoring underground communities to promptly identify such accounts."
To mitigate the impact of this cyberattack, experts recommend that users enable Two-Factor Authentication (2FA) on their ChatGPT accounts.
This additional layer of security requires users to provide a verification code in addition to their login credentials, significantly enhancing account protection. While it may slightly lengthen the login process, it is an essential measure to safeguard user accounts.
As the fallout from this data breach continues to unfold, ChatGPT users are urged to remain vigilant and take necessary precautions to protect their personal information and sensitive data.
Source: neowin.net