Over 100,000 ChatGPT accounts have been compromised by malware and put up for sale on the dark web, according to a new report. This means both the account credentials and the contents of chat histories can be accessed by bad actors willing to pay top dollar on illegal marketplaces. Given the explosion in popularity of OpenAI’s tool over the last few months, this news should serve as a warning for most of the chatbot’s casual users.
On Tuesday, Singapore-based cybersecurity company Group-IB announced that it had discovered the compromised ChatGPT credentials inside logs, traded on the dark web, that came from info-stealing malware called Raccoon. The company identified 101,134 stealer-infected devices with saved ChatGPT credentials.
What does this mean for average users? Well, if hackers enter the compromised accounts they’ll gain access to any chats users stored online. Therefore, any personal information or company trade secrets users may have entered in their prompts to OpenAI’s chatbot could end up in the wrong hands.
Group-IB found that the majority of the logs containing the ChatGPT accounts had been breached by the Raccoon info stealer. Raccoon is one of the more prominent info stealers available and requires little coding experience to procure and operate. Like other trojans, info stealers are a type of malware that indiscriminately collects credentials from instant messengers, emails, and browsers. It then sends all this data to the malware operator.
The cybersecurity firm said the sheer number of compromised ChatGPT accounts it is finding shows just how popular ChatGPT has become around the world.
The company started identifying stealer logs with compromised data as early as June 2022. It found 74 of them. Back then, ChatGPT3 was already in existence but it wasn’t widely released to the public. By May 2023, six months after the famous November launch, that figure had exploded to 26,802.
Within this study period, the Asia-Pacific region saw the largest number of ChatGPT account credentials stolen by info stealers. Broken down by country, India, Pakistan, and Brazil topped the list with the U.S. coming in sixth.
Group-IB’s Threat Intelligence unit identified the countries and regions with the highest concentration of stealer-infected devices with saved #ChatGPT credentials. The top three countries are India, Pakistan, and Brazil. pic.twitter.com/CtStVGUzVB (June 20, 2023)
OpenAI was quick to point out in a statement shared with The Hacker News that the accounts were compromised due to malware on people’s devices and not because of an OpenAI breach. Nonetheless, it said it’s investigating the exposed accounts.
How to stay safe using ChatGPT
OpenAI’s users will naturally be asking themselves what they can do to prevent their accounts from being leaked. The usual security practices apply.
Set a strong password and change it every so often, especially if you have reason to believe you may have been targeted by an info stealer or other types of malware.
Group-IB also recommends enabling two-factor authentication (2FA), which means that an additional security code is sent to people who want to log in to their account. Unfortunately, a note on OpenAI’s website says that new 2FA and multifactor authentication enrollments are temporarily paused.
Using one of the best VPNs, which encrypts your online identity, also makes it harder for someone to break in and steal your data.
It’s best to avoid inserting any sensitive information in your ChatGPT prompts in the first place. But if you’ve already made that error, consider clearing your chat history, and going forward you may want to turn off the feature that saves your chats. As always, you should also ensure you have the best antivirus software installed on your PC or one of the best Android antivirus apps on your Android smartphone to protect both your devices and your data.