In the 12 months running up to May 2023, the login credentials of over 100,000 hacked ChatGPT accounts found their way onto dark web marketplaces.
That's the finding of researchers at Group-IB, who discovered the usernames and passwords within the information-stealing malware sold via underground cybercrime forums.
The distribution of the AI-powered chatbot account credentials is concerning for a number of reasons.
Firstly, the rising use of OpenAI's ChatGPT in the workplace raises the risk that confidential and sensitive information will fall into unauthorised hands as a result of account passwords being distributed.
Furthermore, there is the very real danger that workers will have reused the same password for their ChatGPT account as other online accounts, raising the prospect that hackers may be able to use the compromised details to access other online accounts and potentially steal other corporate data.
According to the researchers, the logs indicated that most of the breached ChatGPT credentials were scooped up by the Raccoon information-stealing malware.
The notorious Raccoon information-stealing malware is used by cybercriminals to steal sensitive data from victim's browsers and cryptocurrency wallets, scooping up saved credit card details, saved login details, and extracting information from cookies.
For as little as US $200-per month malicious hackers and fraudsters could purchase access to Raccoon's capabilities.
The development of the Raccoon malware was disrupted after Ukrainian national Mark Sokolovsky, its alleged developer, was arrested in the Netherlands at the request of the FBI.
The news of the arrest put to the malware-as-a-service group's earlier claim that their key developer had been killed in the early days of Russia's invasion of Ukraine.
Although at the time of Sokolovsky's arrest the infrastructure for Raccoon was also dismantled, new versions of Raccoon have been released since - at an increased price of US $275 per month.
It is estimated that approximately one million people had fallen victim to Raccoon by the end of 2022, with users most commonly attacked via boobytrapped emails.
tags
Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.
View all postsSeptember 06, 2024
September 02, 2024