A recent report has unveiled a concerning security breach involving ChatGPT, the immensely popular application dominating the internet. According to cybersecurity firm Group-IB, over 100,000 ChatGPT credentials were discovered on dark web marketplaces between June 2022 and May 2023. These compromised credentials were linked to a staggering 1,01,134 devices infected with stealer malware.
Asia Pacific Most Affected Region, India Leads in Compromised Accounts
Group-IB’s Threat Intelligence unit revealed that the Asia Pacific region suffered the highest number of stolen ChatGPT accounts, accounting for 40.5% of the breaches between June 2022 and May 2023. India emerged as the most affected country, with 12,632 compromised ChatGPT credentials. Pakistan followed closely with 9,217 compromised accounts, while Brazil recorded 6,531 incidents. Bangladesh had the fewest instances with 2,463.
Risks of Unauthorized Access and Data Jeopardy
The compromised ChatGPT accounts contained valuable user data, including confidential information from professionals who utilized the application for productivity, software development, and business communications. Unauthorised access to this sensitive information poses significant risks, potentially exposing individuals and companies to targeted attacks and privacy breaches. Group-IB’s report emphasized the popularity of ChatGPT within dark web communities, making it a prime target for cybercriminals.
Info-Stealing Malware: A Threat to Personal Data Security
Info-stealers represent a type of malware designed to extract information stored in web browsers, such as browsing history, cookies, banking details, and cryptocurrency wallet information. These malicious programs indiscriminately infect computers, gathering data from instant messengers, emails, and other sensitive sources. Info-stealers are highly effective in collecting personal data, with the gathered information often traded on dark web marketplaces. These data logs may also include compromised host IP addresses.
Growing Popularity of ChatGPT in Dark Web Communities
As professionals increasingly rely on ChatGPT for various purposes, its widespread usage has captured the attention of dark web communities. The availability of compromised ChatGPT credentials on the dark web reflects the alarming extent of this security breach. Vigilance and proactive measures to safeguard personal and confidential information are crucial to mitigate the risks posed by info-stealing malware and protect user data in the digital realm.