A new Report of Group-IB shows that more than 225,000 logs with compromised ChatGPT user credentials were made available for sale on the dark web between January and October 2023.
These credentials were found in information stealer logs associated with the malware data theft LummaC2, Raccoon and RedLine.
“The number of infected devices decreased slightly in mid and late summer, but increased significantly between August and September", the company said in the report Hi-Tech Crime Trends 2023/2024.
See also: Roblox: 34 million credentials have been found on the dark web by 2021
Between June and October 2023, more than 130,000 people were breached computers with access to ChatGPT (an increase of 36% compared to the first five months of 2023). Analysis based on the top three infostealer malware shows:
- LummaC2 - 70,484 hosts
- Raccoon - 22.468 hosts
- RedLine - 15.970 hosts
Group-IB researchers say that the sharp increase in the number of ChatGPT credentials found for sale is due to the overall increase of info-stealer infections.
Recently the Microsoft and OpenAI revealed that state hackers from Russia, North Korea, Iran and China exploited artificial intelligence for their cyber attacks.
See also: Hacker arrested for selling bank accounts on the dark web
According to Group-IB, in the past, attackers were mainly interested in corporate computers and systems with access that allowed movement to the Network. But now they are focusing on devices with access to public AI systems.
“This gives them access to logs with the communication history between employees and systems, which they can use to search for confidential information (for espionage purposes), details about the internal infrastructure, data authentication (to conduct even more damaging attacks) and information about application source code“.
Protection against info-stealer malware to prevent credentials from ending up on the dark web
The first and most important method of protection is information and education. The users need to be aware of the techniques attackers use to spread malware so they can identify and avoid them.
The installation of a reliable security software is another basic method of protection against info-stealer malware. This software should include antivirus, anti-virus, anti-malware and anti-stealer software.spyware and anti-malware functions, as well as phishing protection.
See also: Dark web: drug dealer pleads guilty
Also, it is important to keep the operating system and all applications updated. The updates include security fixes that can protect the user's Computer from the latest threats.
Η use of strong passwords and changing them regularly can protect your data from theft. Also, using a password manager can help manage and secure passwords.
Finally, the careful interaction with emails and attachments Archives is vital. Never open attachments or click on links from unknown sources.
Source: thehackernews.com
