Over 100,000 ChatGPT credentials were discovered on dark web marketplaces, according to research from Group-IB, a Singapore-based cybersecurity pioneer.
The most widely used website at the moment is ChatGPT. Due to its super-intelligent capabilities, millions of individuals all around the world are registering for it. It appears that hundreds of ChatGPT accounts have just been compromised, with India topping the list.
Over 100,000 OpenAI ChatGPT credentials were discovered on dark web marketplaces between June 2022 and May 2023, according to recent research. A leader in cybersecurity named Group-IB, based in Singapore, discovered 1,01,134 machines with stolen ChatGPT credentials.
According to a research by Group-IB's Threat Intelligence team, Asia Pacific experienced the highest rate of information theft from ChatGPT accounts, with 40.5% between June 2022 and May 2023. With 24,925 and 16,951 cases, respectively, the Middle East and Africa, and Europe occupied the second and third positions.
India led the list of nations with the most compromised ChatGPT credentials (12,632), followed by Pakistan (9217) and Brazil (6,531). The country with the fewest incidents was Bangladesh (2,463).
The exposed credentials were discovered by the company's threat intelligence platform in the logs of information-stealing malware that was sold on dark web markets over the previous year. In May 2023, there were 26,802 logs with hacked ChatGPT accounts. According to the company's research, the Asia-Pacific area was home to the majority of the ChatGPT credentials that were for sale on the dark web.
Professionals have been using ChatGPT to improve their productivity, software development, and even business communications for the past few months. The chatbot keeps a record of all user inquiries and AI responses. As a result, any illegal access could possibly endanger sensitive data. Later, companies and their personnel may be the target of this sensitive information. According to the most recent Group-IB research, ChatGPT is extremely well-liked among dark web communities.
What is malware that steals information?
Info stealers are a sort of malware that collects data recorded in browsers, including cookies, browsing history, bank card information, information about cryptocurrency wallets, etc. They gather this data from installed browsers on infected machines and later give it to the virus operator.
Along with other sensitive information from a victim's device, the information thieves can also mine data from emails and instant messengers. This type of malware uses phishing or other methods to infect as many machines as possible simultaneously in order to collect data.
Due to their success, info-stealers, according to Group-IB, have grown to be a significant instrument for collecting personal information. Later, in dark web marketplaces, the logs containing the information that information thieves stole are traded. The IP addresses of the infected hosts are also included in the logs that are made available in such marketplaces.