The accounts of ChatGPTapparently, are “precious commodities” for i cybercriminali.
As happened in the middle of last year, an impressive number of credentials relating to the well-known chatbot were discovered and offered for sale on Dark Web. We are talking about a huge number, estimated at more than 225,000 accounts involved.
What happened was discovered and analyzed by the cybersecurity company Group-IB. According to the experts who identified this illegal market, the cybercriminals’ loot was obtained through the use of various infostealers such as Raccoon, LummaC2 e RedLine.
In the report of the aforementioned security company, it was reported as, between June and October last year, the three malware just mentioned saw an overall increase in activity compared to the previous five months.
ChatGPT credential theft: numbers more than doubled compared to the previous case
In the same period of time, they were therefore estimated approximately 130,000 unique hosts compromised which contained access data relating to the service OpenAI. Numbers in hand, we’re talking about a 36% increase compared to the previous months of 2023. Apparently, ChatGPT accounts represent one of the most coveted “preys” for those who manage malware.
The similar case, which occurred in June 2023, saw OpenAI directly blaming users for lack of attention in the context of the credential protection.
On that occasion we talked about approx 100,000 accounts stolen and put up for sale on the Dark Web, with an operation similar to the current one (although with smaller numbers). In this specific context, the feared one was also among the various infostealers considered guilty of the massive data theft Further.
ChatGPT accounts tend to store private data that is very interesting for cybercriminals and, for this very reason, a sort of “black market” for the buying and selling of related credentials has arisen on the Dark Web.