AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

ChatGPT credential theft: more than 100,000 cases in 2022-2023

Information thieves expose numerous OpenAI ChatGPT credentials on dark web markets, with India and Asia-Pacific particularly affected

This pill is also available in Italian language

In the period between June 2022 and May 2023, over 101,100 compromised OpenAI ChatGPT credentials were found on illicit dark web marketplaces. India has been particularly affected by this issue, alone accounting for 12,632 stolen credentials. These credentials were traced to information theft records made available for sale in the cybercrime underground, Group-IB reported in a report shared with The Hacker News.

Maximum concentration of compromised credentials in the Asia-Pacific region

The number of available logs containing compromised ChatGPT credentials peaked at 26,802 in May 2023, the Singapore-based company reported. The Asia-Pacific region has seen the highest concentration of ChatGPT credentials offered for sale in the last year. Other countries with the highest number of compromised ChatGPT credentials include Pakistan, Brazil, Vietnam, Egypt, the United States, France, Morocco, Indonesia, and Bangladesh.

Role of information thieves in credential theft

Further analysis revealed that the majority of registries containing ChatGPT accounts were hacked by notorious information thief Raccoon (78,348), followed by Vidar (12,984) and RedLine (6,773). Information thieves have become popular among cybercriminals for their ability to hijack passwords, cookies, credit cards and other information from browsers and cryptocurrency wallet extensions. “Logs containing compromised information gathered by information thieves are actively traded on dark web marketplaces,” Group-IB said.

Risk mitigation measures and ongoing attacks

To mitigate these risks, users are advised to follow proper password hygiene practices and secure their accounts with two-factor authentication (2FA) to prevent account takeover attacks. This issue is co-emerging with an ongoing malware campaign that exploits fake OnlyFans pages and adult content scams to distribute a remote access trojan and information stealer called DCRat (or DarkCrystal RAT), a modified version of AsyncRAT. “In the observed examples, victims were tricked into downloading ZIP files containing a VBScript loader that is run manually,” eSentire researchers said, noting that the activity has been ongoing since January 2023.

Follow us on Facebook for more pills like this

06/21/2023 07:00

Editorial AI

Last pills

Serious vulnerability discovered in Rabbit R1: all user data at riskVulnerability in Rabbit R1 exposes sensitive API keys. What are the privacy risks?

Cyber attack in Indonesia: the new Brain Cipher ransomware brings services to their kneesNew ransomware hits Indonesia: learn how Brain Cipher crippled essential services and the techniques used by hackers

Patelco Credit Union: security incident halts customer services in CaliforniaService disruption and customer frustration: Patelco Credit Union works to resolve security incident

Cyber attack on TeamViewer: immediate response and investigations underwayStrengthened security measures and international collaborations to counter the cyber threat