Do you have a ChatGPT account? It's not as safe as you think. According to research published by Group-IB, over 100.000 account credentials have been compromised and sold on dark web. Group-IB is a cyber security company based in Singapore.
The Group-IB group he says that the Asia-Pacific region had the highest number (40,5%) of ChatGPT accounts stolen by malware since June 2022 until May 2023. Other heavily affected regions include the US, Vietnam, Brazil and Egypt.
The company's Threat Intelligence platform discovered these stolen credentials in the log files of the malware that has been stealing information traded on illegal dark web markets since 2022.
Group-IB said that the increasing integration of ChatGPT into business communication and software development makes it an ideal target that can be exploited to gain illicit benefits. As reported by Group IB, ChatGPT accounts are very popular in various underground communities.
The company analyzed such communities and found that the majority of ChatGPT accounts have been compromised by a hacker named Raccoon. The malware that has been used is Vidar and Redline.
Αυτός ο τύπος κακόβουλου λογισμικού συγκεντρώνει διαπιστευτήρια που είναι αποθηκευμένα σε προγράμματα περιήγησης, όπως στοιχεία τραπεζικών καρτών, πληροφορίες wallets, cookie, record περιήγησης και άλλες πληροφορίες από browsers που είναι εγκατεστημένοι σε μολυσμένους υπολογιστές. Στη συνέχεια στέλνουν όλα αυτά τα δεδομένα στον χειριστή του κακόβουλου λογισμικού. Αυτός ο τύπος κακόβουλου λογισμικού λειτουργεί μη επιλεκτικά, και επηρεάζει όσο το δυνατόν περισσότερους υπολογιστές για να συλλέξει όσο το δυνατόν περισσότερα δεδομένα.
To avoid such attacks you should enable 2-factor authentication (2FA). While it makes the login process a bit more time-consuming, it's a great way to increase your account security.
