Over 100,000 ChatGPT accounts have been targeted by cybercriminals, according to a new report by cybersecurity leader Group-IB. The compromised accounts are being traded on illicit dark web marketplaces, with the Asia-Pacific region being the most impacted. Hackers have also targeted the US, Vietnam, Brazil, and Egypt. Group-IB discovered the stolen credentials through its threat intelligence platform, revealing that Malware was used to steal sensitive information. The growing use of ChatGPT in business communication and software development makes it an attractive target for cybercriminals.
Dmitry Shestakov, Head of Threat Intelligence for Group-IB, revealed that companies integrating ChatGPT into their operational flow can be especially vulnerable. He warned that employees use the bot to optimize proprietary code, which, if compromised, can be exploited to gain illegal benefits. ChatGPT’s standard configuration retains all conversations, including classified correspondences, which inadvertently offers a trove of sensitive intelligence to threat actors if they obtain account credentials. Group-IB aims to promptly identify compromised accounts by monitoring underground communities.
OpenAI’s ChatGPT has been in the news for other reasons this week when a Twitter user was able to prompt the bot to create license keys for both Windows 11 and Windows 10. The user requested that ChatGPT act as their deceased grandmother reading them keys to fall asleep to, and the bot produced working keys for both operating systems. However, when the user asked ChatGPT for keys for Windows 8 and 7, the bot failed to generate functioning keys. In response, ChatGPT provided five keys each for Windows 11 Pro and Windows 10 Pro and expressed sympathy to the Twitter user.
With growing concerns around cybersecurity and data breaches, it is essential that companies prioritize security measures to prevent theft of sensitive information. This report by Group-IB highlights the severity of the issue and serves as a warning to businesses to be vigilant. As ChatGPT continues to be integrated into business operations, it is crucial to implement security protocols to prevent cyberattacks.
