The login data of over 100,000 accounts for OpenAI’s ChatGPT chatbot was leaked on the dark web, according to a report this week from Group-IB, a Singapore-based cybersecurity company, as cited by the Indian website TOI.
Group-IB wrote that the theft of credentials began in June 2022 and peaked at 26,802 stolen logins in May 2023. The report said the theft was coordinated using the malicious Raccoon Infostealer software, which victims downloaded after receiving a phishing email.
Once a machine is infected, the malware collects login credentials, history and cookies saved in web browsers. Group-IB said this could also include cryptocurrency wallet information. According to blockchain analyst Chainalysis, more than $3 billion in cryptocurrencies was stolen in 2022 alone.
Phishing, one of the most common forms of cyber-attack, arrives as emails, texts, or messages on social media and involves sending fraudulent communications that appear to come from a reputable source.
In a press release co-authored with ChatGPT, Group-IB wrote: “This type of malware affects as many computers as possible through phishing or by other means in order to collect as much data as possible,” and “the thieves emerged as the primary source of compromised personal data because of their simplicity and effectiveness.”
Group-IB wrote in its report that the majority of the stolen ChatGPT credentials, about 41,000 of them, were from the Asia Pacific region. Group-IB recommends that users update their passwords and use two-factor authentication on their accounts.
Earlier this month, OpenAI pledged $1 million for AI cybersecurity initiatives. In October 2022, the U.S. Attorney’s Office for the Western District of Texas unveiled the DOJ indictment against Mark Sokolovsky for his alleged role in Raccoon Infostealer, which the agency described as an international cybercrime operation.
The software was offered as “malware as a service” (MaaS), allowing users to rent access to illicit tools for a monthly fee. According to DOJ documents, Sokolovsky was charged with one count of conspiracy to commit computer fraud, one count of conspiracy to commit wire fraud, one count of conspiracy to commit money laundering, and one count of aggravated identity theft.
The Amsterdam District Court approved Sokolovsky’s extradition to the United States for trial on September 13, 2022. If convicted, Sokolovsky faces 20 years in federal prison. OpenAI, Group-IB, and the U.S. Department of Justice have not yet responded to Decrypt’s request for comment.
Of the total suspicious logins, 40,999 were from Asia Pacific, followed by 24,925 from the Middle East and Africa, 16,951 from Europe and 12,314 from Latin America.
By country, India topped the list with 12,632 compromised credentials, followed by Pakistan (9,217), Brazil (6,531), Vietnam (4,771), Egypt (4,588), the United States (2,995), France (2,923), Morocco (2,647), Indonesia (2,555), and Bangladesh (2,463).
How to protect yourself
To mitigate the risks associated with compromised ChatGPT accounts, it is recommended that users regularly update their passwords. In addition, users should not enter their sensitive data or customer information into chatbots.