In a recent report by Singapore-based cybersecurity firm Group-IB, it was revealed that more than 100,000 login credentials for OpenAI’s ChatGPT artificial intelligence chatbot were leaked on the dark web. The credential theft, which began in June 2022, reached its peak in May 2023 with 26,802 stolen logins. Group-IB identified the Raccoon Infostealer malware as the primary tool used in orchestrating the theft, with victims being lured into downloading it through phishing emails.
Hackers leak over 100,000 ChatGPT logins
Once infected, the Raccoon Infostealer malware gathers login credentials, browsing history, cookies, and potentially even cryptocurrency wallet information. According to Chainalysis, a blockchain analytics firm, over $3 billion in cryptocurrency was stolen in 2022 alone. Phishing attacks, such as the one executed in this case, are a common form of cyberattack where fraudulent communications are sent via email, text messages, or social media, often appearing to be from reputable sources.
Group-IB emphasized the prevalence of info stealers as a significant source of compromised personal data due to their simplicity and effectiveness. These types of malware aim to infect as many computers as possible to maximize data collection. In their report, Group-IB disclosed that a majority of the stolen ChatGPT credentials, approximately 41,000 of them, originated from the Asia-Pacific region. To mitigate the risks, Group-IB recommends users update their passwords regularly and enable two-factor authentication for their accounts.
Recognizing the severity of the situation, ChatGPT’s main firm recently pledged $1 million towards AI cybersecurity initiatives. This commitment highlights the urgent need to address vulnerabilities and enhance the overall security of AI systems. Taking proactive measures in response to this incident is crucial to safeguarding sensitive user information and preventing future breaches.
Analysts recommend security measures against hacks
In October 2022, the U.S. Attorney’s Office for the Western District of Texas unveiled indictment charges from the Department of Justice against Mark Sokolovsky, who allegedly played a role in the Raccoon Infostealer cybercrime operation. The operation involved offering the software as “malware-as-a-service” (MaaS), allowing individuals to lease access to the illicit tools for a monthly fee.
The Department of Justice charged Sokolovsky with conspiracy to commit computer fraud, conspiracy to commit wire fraud, conspiracy to commit money laundering, and aggravated identity theft. Following the Amsterdam District Court’s decision, Sokolovsky was extradited to the United States on September 13, 2022, to stand trial. If convicted, he faces up to 20 years in federal prison. As of now, OpenAI, Group-IB, and the U.S. Department of Justice have not responded to requests for comment on this matter.
The leak of ChatGPT login credentials serves as a stark reminder of the evolving threats posed by cybercriminals and the need for robust security measures. Users should remain vigilant, regularly update their passwords, and implement additional security measures like two-factor authentication. Additionally, the collaboration between organizations like OpenAI and cybersecurity firms is essential to mitigate the risks and protect AI systems and user data from unauthorized access.
