More than 100,000 ChatGPT accounts have been compromised by malware and offered for sale on the dark web, according to a new report. This means that account credentials and the contents of chat logs can be accessed by bad actors who are willing to pay top dollar in illegal markets. As the OpenAI tool has grown in popularity over the past few months, this news should serve as a warning to most casual users of the chatbot.
On Tuesday, Singapore-based cybersecurity firm Group-IB announced announce They discovered the compromised ChatGPT credentials within the logs coming from information stealing malware called Raccoon circulating on the dark web. The company identified 101,134 stolen devices with saved ChatGPT credentials.
What does this mean for ordinary users? Well, if hackers get into hacked accounts They will get access to any chats that users have stored Connected. Therefore, any personal information or company trade secrets that users entered in their claims to the OpenAI chatbot could end up in the wrong hands.
Group-IB found that the Raccoon info stealer compromised the majority of records containing ChatGPT accounts. Raccoon is one of the most notorious information stealers and it takes very little coding experience to get it up and running. Like other Trojans, information stealers are a type of malware that randomly collects credentials from instant messengers, emails, and browsers. It then sends all this data to the malware engine.
The cybersecurity firm said that the large amount of hacked ChatGPT accounts it finds shows just how popular ChatGPT is around the world.
The company began identifying theft records with compromised data as early as June 2022. It found 74 of them. At that time, ChatGPT3 already existed but it was not widely released to the public. By May 2023, six months after the famous launch in November, that number had risen to 26,802.
During this study period, the Asia Pacific region saw the highest number of ChatGPT account credentials stolen by information stealers. India, Pakistan and Brazil topped the list by country, with the United States coming in sixth.
Group-IB’s Threat Intelligence unit has identified countries and regions with the highest concentration of hijacked infected devices with saved #ChatGPT credentials. The top three countries are India, Pakistan and Brazil. pic.twitter.com/CtStVGUzVBJune 20, 2023
OpenAI was quick to point out in a joint statement while emphasizing it Hacker news The accounts were hacked because there was malware on people’s devices, not because of an OpenAI hack. However, she said she is investigating the exposed accounts.
How to stay secure with ChatGPT
It is only natural that OpenAI users ask themselves what they can do to prevent their accounts from being leaked. Usual security practices apply.
Set a strong password and change it every now and then, especially if you have reason to believe you may have been targeted by information stealers or other types of malware. malware.
Group-IB also recommends enabling two-factor authentication (2FA) which means that an extra security code is sent to people who want to log into their accounts. Unfortunately, Note on the OpenAI website It says that new 2FA and multifactor authentication registrations are paused.
using one of the best VPN networks Which encrypts your online identity makes it more difficult for someone to break into and steal your data.
It’s best to avoid entering any sensitive information into ChatGPT prompts in the first place. But if you’ve already made this mistake, consider clearing your chat history and moving forward, you might want to turn off the feature that saves your chats. As always, you should also make sure you have a The best antivirus software installed on your computer or a file Best android antivirus apps on your Android smartphone to protect both your devices and your data.
More Tom’s guide
[ad_2]
