Over 100,000 ChatGPT Compromised Accounts Found on Dark Web

ChatGPT, Compromised Accounts, ChatGPT Compromised Account, Dark Web

Global security leader Group-IB has discovered over 100,000 ChatGPT compromised accounts on dark web marketplaces.

  • The majority of logs containing ChatGPT compromised accounts were breached by the notorious Raccoon info stealer, along with other info stealers like Vidar and RedLine.
  • The Asia-Pacific region, particularly India, had the highest number of ChatGPT accounts stolen by info stealers.

On June 20th, global security leader Group-IB identified over 100,000 ChatGPT compromised accounts on dark web marketplaces. Its Threat Intelligence Platform discovered these credentials within the logs of info-stealing malware that malicious actors have been trading on illicit dark web platforms over the past year.

Ever since its release, ChatGPT has been growing in popularity, especially among employees who rely on it to optimize their work. In a blog post, Dmitry Shestakov, Group-IB’s head of threat intelligence, emphasized this trend, stating that “many enterprises are integrating ChatGPT into their operational flow.”

Considering that the Natural Language Processing tool saves all interactions with the users to its datasets, any unauthorized access to the accounts can expose sensitive information. In turn, malicious actors might use such information to exploit companies and their employees.

According to the report, “the majority of logs containing ChatGPT accounts have been breached by the infamous Raccoon info stealer.” These security breaches also involved other info stealer malware, such as Vidar and RedLine. Such malware collects various data from infected computers, including credentials saved in browsers and bank card details, among a wealth of other information. As a result, the logs containing this compromised information are actively traded on dark web marketplaces. “Sellers” also add additional details to the “items” such as lists of domains found in the log and the IP address of the compromised host.

For their part, Group-IB’s Threat Intelligence tracks cybercriminal forums, marketplaces, and closed communities in hopes of identifying compromised credentials and any other suspicious activities or “items” for sale. In fact, it holds the industry’s largest library of dark web data, enabling companies to identify and mitigate cyber risks before further damage occurs.

Analysis of the ChatGPT compromised accounts’ data revealed that the Asia-Pacific region accounted for the highest number of ChatGPT accounts stolen by info stealers between June 2022 and May 2023, representing 40.5% of the total. Notably, India alone had 12,632 stolen credentials. This indicates a correlation between the adoption of AI and the number of stolen accounts. So, we can infer that the number of stolen accounts is directly proportional to the rate at which the world is adopting AI.

Inside Telecom provides you with an extensive list of content covering all aspects of the tech industry. Keep an eye on our Intelligent Tech sections to stay informed and up-to-date with our daily articles.