Cybersecurity firm Group-IB recently uncovered a significant security breach involving ChatGPT accounts. The company's Threat Intelligence platform detected more than 100,000 compromised devices with saved ChatGPT credentials traded on illicit Dark Web marketplaces over the past year.
These compromised accounts pose a serious risk to businesses, especially in the Asia-Pacific region, which has experienced the highest concentration of ChatGPT credentials for sale.
Since its creation, ChatGPT has gained rapid popularity among employees for optimizing various aspects of their work, including software development and business communications.
However, Group-IB says the default configuration of ChatGPT retains the history of user queries and AI responses, making unauthorized access to these accounts potentially disastrous. Cybercriminals who obtain ChatGPT credentials can exploit the sensitive information stored within the accounts for targeted attacks against individuals and organizations.
Group-IB's Threat Intelligence platform, which monitors cybercriminal forums, marketplaces, and closed communities in real time, discovered that the majority of compromised ChatGPT accounts were breached by the infamous Raccoon info stealer.
Info stealers are a type of malware that specializes in collecting various credentials and personal information from infected computers. This includes data from browsers, such as saved credentials, browsing history, and cookies, as well as information from instant messengers and emails.
Info stealers are also indiscriminate, infecting as many computers as possible to maximize the amount of data collected. They have become a significant source of compromised personal data due to their simplicity and effectiveness.
Group-IB's analysis revealed that the Asia-Pacific region accounted for 40.5% of the stolen ChatGPT accounts between June 2022 and May 2023, indicating the region's vulnerability to cyber threats. This finding should serve as a wake-up call for businesses operating in the Asia-Pacific region to bolster their cybersecurity measures and protect their valuable data.
The chart below shows the countries with the most compromised credentials:
"Many enterprises are integrating ChatGPT into their operational flow. Employees enter classified correspondences or use the bot to optimize proprietary code. Given that ChatGPT's standard configuration retains all conversations, this could inadvertently offer a trove of sensitive intelligence to threat actors if they obtain account credentials. At Group-IB, we are continuously monitoring underground communities to promptly identify such accounts."
To mitigate the risks associated with compromised ChatGPT accounts, Group-IB advises users to update their passwords regularly and implement two-factor authentication (2FA).
The discovery of more than 100,000 compromised ChatGPT accounts underscores the importance of staying informed about the threat landscape and taking proactive cybersecurity measures. Organizations must prioritize the protection of their sensitive data and customer information to mitigate potential damages.
Follow SecureWorld News for more stories related to cybersecurity.