Singapore-based cybersecurity firm Group-IB has identified more than 100,000 devices infected with infostealers storing stolen ChatGPT credentials.
Artificial intelligence (AI) has experienced exponential growth in recent years, and along with its widespread adoption, there has also been a worrying increase in the number of compromised ChatGPT credentials found on the dark web. This sensitive data poses a threat to users’ privacy and security and demands increased attention to online protection measures.
Group-IB, a Singapore-based cybersecurity firm, has identified more than 100,000 devices infected with infostealers storing stolen ChatGPT credentials.
The appeal of ChatGPT and its security challenges
ChatGPT, developed by OpenAI, is an advanced language model that uses generative AI techniques to have realistic conversations with users. Its popularity has grown rapidly due to its ability to answer questions and provide contextual responses. However, this increase in its use has also attracted the attention of cybercriminals.
The generative nature of ChatGPT means that the model can not only provide accurate answers, but can also generate text in a human-like manner. This makes it an attractive target for those looking to compromise credentials and gather personal information for malicious activities.
The Dark Web as a marketplace for stolen credentials
The dark web is an area of the internet that is not accessible through conventional browsers and where users operate anonymously. It is known to be a marketplace for illegal activities, including the trafficking of stolen data, including login credentials to various platforms and services.
Recently, there has been an increase in the number of ChatGPT credentials being offered and sold on the dark web. Cybercriminals can acquire these stolen credentials to gain access to users’ accounts and carry out fraudulent activities, such as identity theft, phishing, and spreading false information.
Implications for user privacy and security
The increase in the number of ChatGPT credentials compromised on the dark web raises serious implications for user privacy and security. Many people rely on ChatGPT to interact and get answers to their questions, however, if their credentials are compromised, they may face serious consequences.
Cybercriminals can use stolen credentials to access email accounts, social networks, and other online services. This could allow them to obtain sensitive personal information, such as financial data or passwords to other accounts, putting the user’s security at risk.
In addition, compromised credentials can also be used to spread false information or carry out online scams, which can damage the reputation and credibility of affected users.
Measures to protect ChatGPT credentials
Protecting the credentials of ChatGPT and other online services is a shared responsibility between users and technology providers. Here are some steps users can take to protect themselves:
- Strong Passwords: Using strong, unique passwords for each account and changing them periodically can make it more difficult for cybercriminals to access accounts.
- Two-Step Verification: Enabling two-step verification adds an extra layer of security and protects accounts even if credentials are compromised.
- Staying Informed: Keeping abreast of the latest cybersecurity news and being alert to potential threats can help users better protect themselves.