Hacked ChatGPT Accounts Are Being Sold On the Dark Web

Hacked ChatGPT Accounts Are Being Sold On the Dark Web

ChatGPT, the popular AI chatbot from OpenAI, has become a target for hackers who are stealing and selling its account credentials on the dark web. According to a report by cybersecurity firm Group-IB, over 101,000 compromised ChatGPT accounts have been found on illicit dark web marketplaces between June 2022 and May 2023².

The hackers are using various information stealers, such as Raccoon, Vidar and RedLine, to harvest passwords, cookies, credit cards and other data from browsers and cryptocurrency wallet extensions. The stolen ChatGPT credentials are then offered for sale on subscription-based platforms, where buyers can access the account details and the chat history of the victims²³.

This poses a serious threat to the privacy and security of ChatGPT users, especially those who use the chatbot for personal or professional purposes. ChatGPT allows users to save their chat history, which could contain sensitive information such as classified correspondence, proprietary code, personal data or financial details²³⁴.

"Many enterprises are integrating ChatGPT into their operational flow," said Dmitry Shestakov, head of threat intelligence at Group-IB. "Employees enter classified correspondences or use the bot to optimize proprietary code. Given that ChatGPT’s standard configuration retains all conversations, this could inadvertently offer a trove of sensitive intelligence to threat actors if they obtain account credentials."²

Moreover, if users reuse their passwords for other online platforms, hackers could also gain access to their other accounts using the same credentials³. This could lead to further identity theft, fraud or blackmail.

To prevent such risks, users are advised to follow good password hygiene practices and enable two-factor authentication (2FA) for their ChatGPT accounts. Users should also avoid entering any confidential information into ChatGPT and regularly check their account activity for any signs of unauthorized access¹⁴.

ChatGPT is one of the most advanced AI chatbots in the world, capable of generating realistic and engaging conversations on various topics. It has over 100 million users as of February 2023³. However, its popularity also makes it a lucrative target for cybercriminals who are looking to exploit its users' data for malicious purposes.

Source :
(1) Over 100,000 Stolen ChatGPT Account Credentials Sold on Dark Web .... https://thehackernews.com/2023/06/over-100000-stolen-chatgpt-account.html.
(2) More than 100,000 hacked ChatGPT accounts are being sold on dark web .... https://mashable.com/article/chatgpt-stolen-accounts-passwords-dark-web.
(3) Over 100,000 ChatGPT accounts being sold on the dark web - Tom's Guide. https://www.tomsguide.com/news/stolen-chatgpt-accounts-are-being-sold-on-the-dark-web-what-you-need-to-know.
(4) Massive Leak Of ChatGPT Credentials: Over 100,000 Accounts Affected. https://www.searchenginejournal.com/massive-leak-of-chatgpt-credentials-over-100000-accounts-affected/489801/.