Hackers Leak Over 100,000 ChatGPT Credentials on the Darknet

ChatGPT has been hacked! Yeah, you heard that correctly. On the 20th of June 2023, Group-IB reported that hackers had leaked over 100,000 credentials of ChatGPT users onto the darknet. After this report, tons of ChatGPT users are left asking: what now?

Infecting And Attacking

In June 2022, Group-IB, a well-known cyber security activist, reported that ChatGPT user credentials were being targeted and stolen by hackers and sold on the darknet. To date, there have been 101,134 ChatGPT accounts compromised by threat actors. This shockingly emphasizes the need for extra security on platforms like ChatGPT.

According to Group-IB, the theft was orchestrated with Raccoon Infostealer malware. Raccoon is a Russian-made malicious software that was discovered in 2019. This malware has been responsible for loads of robberies in the last year. Up to $3 million has been reported stolen from crypto markets, according to Chainalysis. Alongside Raccoon, researchers also identified that 12,984 logs were associated with Vidar, and 6,773 were connected to Redline.

Most of the information was stolen in the last year through phishing attacks on companies and individuals. Phishing is sending emails to people while presenting yourself as a reputable organization to get their personal information.

Using information-stealing malware, hackers have managed to steal credentials from countries worldwide. Group-IB reports the following numbers of devices infected by information-stealing malware in the last year:

  1. Asia-Pacific: 40,999
  2. Middle East and Africa: 24,925
  3. Europe: 16,951
  4. Latin America: 12,314
  5. North America: 4,737
  6. CIS: 754
  7. Unknown: 454

While these are basic statistics of where the most devices are infected, we also have a list of the countries with the most infected devices, with the top three being India with 12,632 infected machines, Pakistan with 9,217 infected devices, and Brazil with 6,531 infected devices.  

What does an Info Stealer do?

Info stealers are malicious software designed to steal and collect user credentials saved in browsers. This includes your bank card details, crypto wallet info, browsing history, or cookies. This software can target whatever personal information you have saved on your browser. 

Info-stealing software can even target your info on your mobile device, whether through your social media platforms or communication apps. What makes info stealers so dangerous is that they are not selective in their targets. Their goal is to steal and infect as many devices as possible, hoping they hit the jackpot.

Once info stealers have collected as much data as possible, they sell the logs containing compromised information on darknet markets. These logs will often include information like lists of domains and the IP address of the host. 

How Does This Affect Major Companies?

Since its release, ChatGPT or OpenAI has been incorporated into many companies’ operations. With tons of client information stored and processed with AI, many people are at risk of a cyber-attack.

For example, Slack, a leading online workplace, has integrated GPT into its workspace. By allowing its users to integrate ChatGPT to help with managing workflows, Slack opens the door for hacked accounts to hold extremely sensitive information.

The head of threat intelligence at Group-IB, Dmitry Shestakov, had this to say:

“Many enterprises are integrating ChatGPT into their operational flow. Employees enter classified correspondences or use the bot to optimize proprietary code. Given that ChatGPT’s standard configuration retains all conversations, this could inadvertently offer a trove of sensitive intelligence to threat actors if they obtain account credentials. At Group-IB, we are continuously monitoring underground communities to promptly identify such accounts.”

However, there are methods that companies should practice regularly to ensure their online privacy. It’s clear from what Dmitry says that companies that have integrated AI into their workflow are at greater risk. 

More Information on the Hack

While the stolen account logs were from ChatGPT, OpenAI, the parent company of ChatGPT, said that it was not directly affected by this hack. They said: “The findings from Group-IB’s Threat Intelligence report are the result of commodity malware on people’s devices and not an OpenAI breach.” While investigating any possible breaches, OpenAI assures us its software is safe and secure.

That said, it is still wise to learn how to use chatbots like ChatGPT safely. Even on clearnet websites like these, you need to up your OpSec.

Firstly, use two-factor authentication (2FA). This means you must use two different methods to access your personal info, like a password and fingerprint. 

In today’s cyber world, setting a strong password should be second nature to us. Even with 2FA, having a strong password is vital. Get a good VPN. With the rise of cybercrime, the range of software to protect yourself has also increased.

There are loads of great VPNs like NordVPN or ExpressVPN. VPNs encrypt your data, making it more difficult to trace, decrypt, and steal. You could also use the Tor browser for more privacy. However, these are not solid walls hackers can’t get over to get to your personal info. You also need to be wise as to how you use the web.

Avoid going to dodgy sites or using your personal information; if you get a sketchy email, don’t open it. Finally, avoid putting sensitive data in ChatGPT altogether. Remember that ChatGPT retains each chat. With these chat logs available, a hacker can freely read anything on them.