Massive ChatGPT Credential Leak: Over 225,000 Users Compromised and Exposed on Dark Web

  • Last updated March 6, 2024
  • Written by Editor

Group-IB has reported a significant influx of compromised OpenAI ChatGPT credentials on the dark web. According to their Hi-Tech Crime Trends 2023/2024 report, from January to October 2023, underground markets saw the circulation of over 225,000 logs linked to such breaches.

These findings point to a significant increase in cybercriminal activities targeting artificial intelligence platforms, facilitated by malware like LummaC2, Raccoon, and RedLine.

Group-IB noted:

“This trend underscores a worrying escalation in cybercriminal activities, particularly those targeting AI-driven platforms like ChatGPT.”

A detailed examination showed that over 130,000 unique devices with access to OpenAI’s ChatGPT service were compromised within just five months, from June to October 2023. This represents a 36% rise compared to the preceding five months.

The breakdown of the infections by malware types is as follows:

  • LummaC2: Responsible for compromising 70,484 devices.
  • Raccoon: Linked to 22,468 affected devices.
  • RedLine: Found on 15,970 devices.

Group-IB attributes the surge in compromised credentials, which are afterward offered for sale on clandestine markets, to “the overall rise in the number of hosts infected with information stealers.”

This surge in cybercriminal activities overlaps with reports from Microsoft and OpenAI about nation-state actors leveraging AI and large language models to augment their cyber arsenal.

[Chart: global crime trends. Source: group-ib.com]

The exploitation of large language models by cyber adversaries is particularly concerning. According to Group-IB, such technologies could be repurposed for crafting more sophisticated phishing schemes, enhancing the effectiveness of scam operations, and even assisting in cyber reconnaissance and attack execution.

The focus of cyber threats is also shifting, with increased interest in devices connected to public AI systems. Such access enables cybercriminals to mine communication logs for sensitive data, including corporate secrets, authentication details, and source code, posing significant espionage and cyberattack risks.

According to IBM X-Force, the proliferation of information stealer malware and the resulting abuse of legitimate account credentials have significantly complicated identity and access management.

The ease with which cybercriminals can now acquire and exploit such credentials underscores the critical need for enhanced cybersecurity measures and vigilance among digital users and organizations.

Utilizing protective measures such as the best VPN for ChatGPT can provide an added layer of security, safeguarding your online activities and sensitive data from potential cyber threats.
