The increasing popularity of OpenAI’s AI chatbot, ChatGPT, has led to a surge in cybersecurity threats, with over 101,000 compromised ChatGPT account login credentials found on dark web marketplaces in the past year. Compromised accounts put ChatGPT users’ privacy at risk because the system keeps a record of chats which may include sensitive information and personal data.
Mashable reports that over 101,000 compromised ChatGPT account login credentials were discovered on dark web marketplaces in the last year as a result of the rising popularity of OpenAI’s AI chatbot.
The number of stolen login credentials has significantly increased along with ChatGPT’s user base, which has reached 100 million users just months after its open launch. More than 26,800 ChatGPT credentials were discovered last month alone, according to cybersecurity firm Group-IB, reaching a record high since the company started monitoring the data.
A common malware called Raccoon was used to access the majority of these stolen credentials. When a user downloads this malware, which is frequently disguised as an app or file that the user actually wants, it begins to steal data from the user’s computer. Hackers favor Raccoon because it is simple to use and is offered as a dependable, maintained subscription service.
A compromised ChatGPT account raises unique and potentially serious security issues. OpenAI unveiled a function that stores a user’s chat history a few months ago. This implies that all sensitive information entered into ChatGPT can be seen by a hacker if they have access to a user’s ChatGPT history.
“Many enterprises are integrating ChatGPT into their operational flow,” said Dmitry Shestakov, Head of Threat Intelligence at Group-IB. “Employees enter classified correspondences or use the bot to optimize proprietary code. Given that ChatGPT’s standard configuration retains all conversations, this could inadvertently offer a trove of sensitive intelligence to threat actors if they obtain account credentials.”
Furthermore, if a user uses the same password on several different websites, a hacker who has access to their ChatGPT account may also be able to access their other accounts. This risk is increased if the user has purchased ChatGPT Plus, the premium plan offered by the company, as they may unintentionally be financing the use of the paid service by third parties.
Users are urged not to reuse their account password on other platforms in light of these findings and to be wary of unauthorized access to their accounts.
Read more at Mashable here.
Lucas Nolan is a reporter for Breitbart News covering issues of free speech and online censorship. Follow him on Twitter @LucasNolan