In a revelation by cybersecurity firm Group-IB, over 100,000 devices have been infected with stealer malware that contains saved ChatGPT credentials.
- The compromised credentials were found in info-stealing malware logs traded on dark web marketplaces.
- The number of logs containing ChatGPT accounts reached a peak of 26,802 in May 2023.
- The Asia-Pacific region had the highest concentration of ChatGPT credentials being sold.
- ChatGPT, developed by OpenAI, is popular among employees across industries and stores user queries and AI responses.
- The exposure of confidential information can lead to targeted attacks against companies and employees.
- Group-IB’s Threat Intelligence platform monitors cybercriminal forums and identifies compromised credentials.
- Raccoon info stealer is the malware responsible for breaching most logs containing ChatGPT accounts.
- Info stealers collect credentials, card details, browsing history, and device information to send to the malware operator.
- The Asia-Pacific region had the largest number of ChatGPT accounts stolen by info stealers.
Group-IB suggests updating passwords regularly and implementing two-factor authentication to mitigate risks associated with compromised ChatGPT accounts.
By
By
By
By
By
By