This was discovered by Group-IB’s cybersecurity researchers, who noted that 100,000 devices holding compromised ChatGPT credentials were infected by Raccoon, Vidar, and Redline malware.
In a recent investigation, cybersecurity researchers at Group-IB have uncovered a concerning trend involving over 100,000 devices infected with stealers, holding compromised ChatGPT credentials.
Through their Threat Intelligence platform, Group-IB found logs of info-stealing malware traded on illicit dark web markets, with a peak of 26,802 compromised ChatGPT accounts recorded in May 2023. The Asia-Pacific region experienced the highest concentration of compromised ChatGPT credentials for sale over the past year, according to the report.
Experts at Group-IB emphasize the growing adoption of ChatGPT by employees across various industries, from software development to business communications. The default settings of ChatGPT store user queries and AI responses, potentially exposing confidential information to unauthorized access and posing a risk of targeted attacks against companies and individuals.
The popularity of ChatGPT accounts within underground communities has surged, as noted in Group-IB’s findings. One example is the eagerness of Russian hackers to circumvent ChatGPT’s restrictions in order to create malware and carry out other malicious activities.
Group-IB’s Threat Intelligence platform, which monitors dark web activities in real-time, has become a vital resource for identifying compromised credentials, stolen credit cards, fresh malware samples, and access to corporate networks.
The analysis further revealed that a majority of ChatGPT accounts were breached by the notorious Raccoon info stealer, underscoring the simplicity and effectiveness of info stealers in harvesting personal data. These compromised logs are actively traded on dark web marketplaces, often including additional details such as compromised host IP addresses and associated domain lists.
Analyzing the information collected, Group-IB identified the countries and regions with the highest concentration of devices infected by stealers and holding compromised ChatGPT credentials. The Asia-Pacific region accounted for 40.5% of the ChatGPT accounts stolen by info stealers between June 2022 and May 2023.
In a press release shared with Hackread.com by Group-IB, Dmitry Shestakov, Head of Threat Intelligence, highlighted the need for vigilance and emphasized the importance of promptly identifying compromised accounts in underground communities.
Group-IB recommends regular password updates and the implementation of two-factor authentication (2FA) to mitigate the risks associated with compromised ChatGPT accounts.
How to Secure a ChatGPT Account
Securing ChatGPT and other accounts is crucial to protect sensitive information and prevent unauthorized access. Here are some measures to enhance the security of ChatGPT accounts:
Strong Passwords: Create strong and unique passwords for ChatGPT accounts. Use a combination of uppercase and lowercase letters, numbers, and special characters. Avoid using easily guessable passwords or reusing passwords from other accounts.
Two-Factor Authentication (2FA): Enable 2FA whenever possible. This adds an extra layer of security by requiring an additional verification step, such as a unique code sent to a mobile device, to access the ChatGPT account.
Regular Password Updates: Periodically change passwords for ChatGPT accounts to minimize the risk of unauthorized access. Avoid using the same password for an extended period and ensure new passwords are strong and unique.
Account Monitoring: Regularly monitor ChatGPT accounts for any suspicious activity or unauthorized access. Keep an eye on login history, account settings, and any unusual behaviour. If any suspicious activity is detected, take immediate action, such as resetting the password and reporting the incident to the service provider.
Be Cautious with Sharing: Avoid sharing ChatGPT account credentials with others unless necessary. Keep the login details confidential and discourage sharing of account information, especially with unknown or untrusted individuals.
Stay Updated: Keep the ChatGPT application and associated software up to date. Software updates often include security patches that address vulnerabilities and enhance overall security.
Be Wary of Phishing Attempts: Stay vigilant against phishing attempts, where attackers try to trick users into revealing their account credentials. Be cautious of emails, messages, or links asking for personal information or login details. Verify the authenticity of communications before providing any sensitive information.
Secure Devices: Ensure that the devices used to access ChatGPT accounts are protected with up-to-date antivirus software, firewalls, and operating system patches. Regularly scan for malware or suspicious activities on devices to maintain their security.
Regular Security Awareness Training: Educate users about best practices for account security, such as the importance of strong passwords, recognizing phishing attempts, and safe browsing habits. Regularly train users to enhance their understanding of potential risks and how to mitigate them.
Limit Data Storage: If possible, configure ChatGPT to minimize or avoid storing chat history or sensitive information. Limiting the amount of data stored can help reduce the impact in case of a data breach.
We hope that by following these security measures, users can significantly reduce the risk of unauthorized access and protect their ChatGPT accounts and the information associated with them.