Amid the recent buzz of ChatGPT and Gen AI, there is news of recent compromised ChatGPT accounts found on the darknet. Close to 101,100 OpenAI’s ChatGPT account details have been conceded between the duration of June 2022 to May 2023. In India alone, 12,632 credentials are stolen and displayed on the dark web.
Some information snitching logs presented the stolen credentials for sale on their platform.
There was a huge hike in the compromised logs of the ChatGPT accounts in May 2023, it was quoted by its headquarters based in Singapore.
The Asia-Pacific region has topped in the case of ChatGPT credentials being stolen and offered for sale on the dark web. This situation is there for the last year. Besides, India at the top there are several other countries on the list too. Pakistan, Egypt, Indonesia, U.S. Vietnam, Morocco, Bangladesh, and Brazil are some of the countries which faced these frauds being carried out.
The Raccoon info stealer(78,348), which has been active in other previous cyber attacks, has topped in stealing the credentials followed by Vidar(12,984) and RedLine(6,773).
Cybercriminals are preferring information stealers as they are pro in their competence in hijacking credit cards, cookies, passwords, and other vulnerable data from the internet. These stolen logs containing the hacked pieces of information are conveniently traded over the dark net forums.
How To Mitigate the Risk?
The Users of ChatGPT must follow the appropriate password hygiene, suggested by OpenAI.
Users must also use two-factor authentication(2FA) to prevent attackers from intruding on the system.
How did they hack the system?
In the recent cases from January 2023, the researchers observed that the victims were phished into downloading ZIP files, having the VBScript loader that executes manually over the system.
These VBScript files also had a new variant of malware known as GuLoader, viz. CloudEyE. The GuLoader launches the PowerShell scripts on the victim’s system and automatically executes several commands and encrypted shell codes once the VBScript file is opened.
Update
The recent update given by OpenAI is that it is investigating all the accounts being hacked by the malware. It assured that it maintains a high level of practices to protect its products and services, including ChatGPT. But, users must use good password hygiene to be safe from such attacks in the future. It also suggested they download the verified software only from authentic sources.
For more such news on cybersecurity related stuff stay tuned to cybermetrics.eu .
