100,000 hacked ChatGPT accounts up for sale on the dark web
In the 12 months leading up to May 2023, the login details of more than 100,000 compromised ChatGPT accounts were discovered on dark web marketplaces. Researchers at Group-IB found the usernames and passwords embedded within information-stealing malware that was being traded in underground cybercrime forums. You can read more about this on Group-IB's website.
The risks associated with the leaked ChatGPT account credentials
In the midst of the increasing use of OpenAI's ChatGPT, the exposure of account passwords raises concerns about the security of sensitive information and potential unauthorized access to confidential data.
The role of Raccoon information-stealing malware
Analysis of the breached ChatGPT credentials revealed that a large portion of them were obtained by the Raccoon information-stealing malware. This malware is known for extracting sensitive data from victims' browsers and cryptocurrency wallets, such as credit card details and login credentials.
The arrest of Raccoon's alleged developer
The alleged creator of the Raccoon malware, Mark Sokolovsky, a Ukrainian national, was arrested in the Netherlands at the FBI's request. Despite initial claims of Sokolovsky's demise during Russia's invasion of Ukraine, his arrest disproved this narrative. The original infrastructure of Raccoon was dismantled post-Sokolovsky's arrest, but new iterations of the malware have surfaced.
An estimated one million individuals had already been affected by Raccoon by the end of 2022, primarily through malicious email communications.
