Data of 100,000 ChatGPT accounts has been stolen

According to a new study published recently by cybersecurity organization Group-IB, no less than 100,000 ChatGPT user account credentials have been compromised and are being sold on several platforms for hacker.

Accordingly, the leading global cybersecurity company headquartered in Singapore has discovered a total of 101,134 devices infected with the malicious code that steals ChatGPT login information stored in it. The report shows that the Asia-Pacific region had the highest number of ChatGPT accounts stolen by malware (40.5%) between June 2022 and May 2023. Other hard-hit regions include the United States, Brazil, Egypt, France, Morocco, Indonesia and Bangladesh. Vietnam ranks fourth out of 10 countries with 4,771 compromised accounts.

Group-IB’s platform discovered these compromised logins in the logs of a series of well-known information-stealing malware such as Raccoon, Vidar, and RedLine. Because this type of malware works non-selectively, it affects as many computers as possible to collect data. At the peak in May 2023, there were 26,802 ChatGPT account information being bought and sold.

Group-IB emphasizes that the increasing trend of bringing ChatGPT to business and software development also means that sensitive information is being shared more and more across platforms. This makes it an ideal target that can be exploited for illegal gain.

ChatGPT’s ability to archive chats means that unauthorized access to an account can expose proprietary information, insider business strategies, personal communications, software code, and more. Concerns about the potential risks associated with ChatGPT have prompted many large companies to rush to enforce a series of strict policies that prohibit the use of the platform on computers connected to the system.

The popularity of ChatGPT also spread to the underworld, according to Group-IB. They discovered many hackers wanted to take advantage of chatbots to write malicious code and perform other malicious acts.