Infostealer malware is the main cause of ChatGPT account loss

June 23, 2023

A new dark marketplace data report claimed that information-stealing malware operators had stolen over 100,000 ChatGPT user accounts over the past year.

According to reports, various dark web websites host over a hundred thousand information-stealer logs that include ChatGPT accounts. The attacks surged last month, when attackers posted nearly 27,000 ChatGPT credential pairs.

Moreover, the region most targeted by these malware operators was Asia-Pacific, with about 41,000 infected accounts between June 2022 and May 2023. European countries also suffered significant losses after 17,000 users fell into the hands of the attackers.

The information stealer stores the stolen credentials, packages them into archives called logs, and exfiltrates them to attacker-controlled servers.

 

ChatGPT accounts are now one of the most attractive targets for threat actors.

 

Cybersecurity experts stated that ChatGPT accounts now attract the same attention from threat actors as common targets such as email accounts, crypto wallets, and credit card information.

Threat actors now target ChatGPT accounts because the tool allows users to store conversations. Hence, access to an account could expose proprietary information, personal communications, software code, and internal business strategies.

A recent tally from a security company revealed that the number of lost ChatGPT logs had risen significantly over the past few months. The most damaging malware strains that attacked the application were Raccoon, Vidar, and Redline. Raccoon is responsible for most attacks, having stolen about 80% of all logs from ChatGPT accounts.

Users should consider turning off the chat saving function from ChatGPT’s settings menu or manually deleting meaningful conversations after using the tool to avoid losing essential conversations to attackers.

Unfortunately, some infostealers snap screenshots of the infected system or perform keylogging attacks, rendering the strategy mentioned earlier irrelevant. Hence, the malware infection could still expose the information even if a user does not save conversations on the ChatGPT account.

ChatGPT has already experienced a data breach incident where users saw other users’ personal data and chat queries. Therefore, everyone using the tool should refrain from trusting it with sensitive information unless it is essential.

UPDATE: A recent tally shows that the Raccoon Stealer still accounts for the most attacks after compromising over 78,000 accounts. Vidar follows with nearly 13,000, and RedLine completes the top three infostealers that target ChatGPT accounts with 7,000 cases.

New investigations showed that compromised ChatGPT accounts could also pave the way for further infection of an organisational network. Researchers stated that once an unauthorised individual acquires access to an account, they could exploit it to carry out several cybercriminal activities, like phishing attacks, malware propagation, or escalating privileges within a target’s infrastructure.

Experts suggest that ChatGPT users should update their passwords constantly and implement 2FA to prevent potential data breaches. Enabling two-factor authentication could fortify a network’s defence since it requires an additional verification code before accessing accounts like ChatGPT.
