Hacking 100,000 ChatGPT Accounts: Here’s What Users Should Do

Group-IB is a leading cyber security company headquartered in Singapore. According to one a report The company has identified more than 100,000 thief-infected devices with stored ChatGPT credentials.

The compromised data was found in malware logs traded on illegal dark web markets. According to Group-IB’s findings, the Asia Pacific region saw the highest concentration of ChatGPT credentials sold.

Behind the attacks are the so-called information theft. They can steal passwords, cookies, credit card details, and other important information from browsers.

The success of cybercriminals indicates that users do not use unique passwords or do not activate two-factor authentication. Law enforcement agencies struggle to stop cybercriminal activity due to the anonymity of the dark web.

Group-IB experts confirm that more and more employees are using chatbot at work. By default, ChatGPT saves a history of user requests and AI responses.

“Many companies are integrating ChatGPT into their workflows. Employees enter confidential messaging or use a bot to improve their code. Since the default configuration of ChatGPT stores all conversations, it may supply Attackers inadvertently find a treasure trove of sensitive information when they obtain account credentials.

Accordingly, unauthorized access to user accounts may result in disclosure of confidential and sensitive information. These targeted attacks can be used against companies and their employees.

With 12,632 credentials stolen, India has become the worst affected country. Many technology companies have integrated ChatGPT to increase customer service and employee productivity.

In view of the mentioned risks, Shestakov recommends that users take proper care of cyber security. Two-factor authentication is a good way to protect accounts from attacks. Not only the password is required to access the data, but also a security code on the phone. It should also be clear: 1234 or 0000 are not suitable passwords.

As cybercriminals develop their tactics, it becomes increasingly important to educate and increase public awareness of the risks. Regardless of the tools used, one must remain vigilant and encourage safe practices. This does not make you an easy target.