100K+ Compromised ChatGPT Accounts Found On Dark Web

Global cybersecurity leader Group-IB has identified 101,134 infected devices with saved ChatGPT credentials. Throughout 2023, the company’s Threat Intelligence Platform found compromised account details in 26,802 malware logs traded on dark web marketplaces.

According to Group-IB’s findings, the Asia-Pacific region suffered the greatest concentration of ChatGPT credentials offered for sale, followed by the Middle East and Africa (MEA) region in second place.

Group-IB tech experts explained that when employees take advantage of ChatGPT to optimize business communications and marketing texts, the queries and responses are stored within the AI app. Consequently, any unauthorized access to a ChatGPT account could unearth a wealth of sensitive information.

Also Read: The Largest Data Breaches In The Middle East

Group-IB’s dark web analysis revealed that most compromised ChatGPT accounts were breached by a popular malware program known as “Raccoon Info Stealer”. The virus is often sent by email and can be used by hackers to gain access to sensitive data stored in internet browsers.

In the MENA area, accounts from users in Egypt, Morocco, Algeria, and Turkey topped the “most-infected” list, potentially exposing companies in the region to multiple threat actors.

“Many enterprises are integrating ChatGPT into their operational flow,” explained Dmitry Shestakov, Head of Threat Intelligence at Group-IB. “Employees enter classified correspondences or use the bot to optimize proprietary code. Given that ChatGPT’s standard configuration retains all conversations, this could inadvertently offer a trove of sensitive intelligence to threat actors if they obtain account credentials. At Group-IB, we continuously monitor underground communities to identify such accounts promptly”.

To mitigate the risks posed by compromised ChatGPT accounts, Group-IB suggests that users update passwords using current best practices while also implementing two-factor authentication.