According to recent research conducted by Check Point, the dark web has been filled with more discussions and trades related to ChatGPT since March. Cybercriminals have been taking advantage of this increase in activity to bypass OpenAI’s geofencing restrictions by stealing and selling the credentials for premium ChatGPT accounts. These criminals are not only trading the stolen ChatGPT account credentials but also offering tools like SilverBullet configuration, which are used for automated Account Checkers and Credential Stuffing attacks against the platform.
Moreover, a cybercriminal is even offering a lifetime upgrade to ChatGPT Plus for $59.99, as OpenAI’s original price for this service is $20 per month. With these stolen credentials, criminals can gain access to personal information through the account’s query history and bypass the geofencing restrictions imposed.
OpenAI, the company behind ChatGPT, is backed by Microsoft and has faced various privacy and security concerns in the last few months, with Italy’s data privacy regulator recently banning the service due to privacy violations. Further, the German data protection commissioner has also warned that ChatGPT may face a potential block in the country due to data security concerns.
In response to this, OpenAI has recently announced a bug bounty program, where they’re offering cash rewards ranging from $200 to up to $20,000 for discoveries. They’re engaging with the global community of ethical hackers and technology experts in order to help identify and address vulnerabilities in its AI systems.
