Do you have a ChatGPT account? It's not as safe as you think. According to research published by Group-IB, over 100.000 account credentials have been compromised and are being sold on the dark web. Group-IB is a cyber security company based in Singapore.
The Group-IB group he says that the Asia Pacific region had the highest number (40,5%) of ChatGPT accounts stolen by malware from June 2022 through May 2023. Other highly affected regions include the US, Vietnam, Brazil and Egypt.
The company's Threat Intelligence platform discovered these stolen credentials in the log files of the malware that has been stealing information traded on illegal dark web markets since 2022.
Group-IB said that the increasing integration of ChatGPT into business communication and software development makes it an ideal target that can be exploited to gain illicit benefits. As reported by Group IB, ChatGPT accounts are very popular in various underground communities.
The company analyzed such communities and found that the majority of ChatGPT accounts have been compromised by a hacker named Raccoon. The malware that has been used is Vidar and Redline.
This type of malware collects credentials stored in browsers, such as bank card details, wallet information, cookies, browsing history and other information from browsers installed on infected computers. They then send all this data to the malware operator. This type of malware works indiscriminately, affecting as many computers as possible to collect as much data as possible.
To avoid such attacks you should enable 2-factor authentication (2FA). While it makes the login process a bit more time-consuming, it's a great way to increase your account security.