Over 100,000 Stolen ChatGPT Account Credentials Sold on Dark Web

Over 100,000 stolen OpenAI ChatGPT account credentials have found their way on illicit dark web marketplaces between June 2022 and May 2023. India is in the top place with 12,632 stolen credentials. Pakistan is in second place with 9217 stolen credentials. The Group-IB revealed in the latest report that the credentials were discovered within information stealer logs made available for sale on the cybercrime underground.

“The number of available logs containing compromised ChatGPT accounts reached a peak of 26,802 in May 2023,” the Group-IB said. “The Asia-Pacific region has experienced the highest concentration of ChatGPT credentials being offered for sale over the past year.”

Over 100,000 Stolen ChatGPT Account Credentials Sold on Dark Web

Check Also: OpenAI Rolls Out ChatGPT iOS App to 11 More Countries

Other countries with the most compromised ChatGPT credentials include Brazil, Vietnam, Egypt, the U.S., France, Morocco, Indonesia, and Bangladesh.

Further analysis has revealed that the majority of logs containing ChatGPT accounts have been breached by the notorious Raccoon info stealer, followed by Vidar and RedLine.

Information stealers have become popular among cybercriminals for their ability to hijack passwords, cookies, credit cards, and other information from browsers, and cryptocurrency wallet extensions.

“Logs containing compromised information harvested by info stealers are actively traded on dark web marketplaces,” Group-IB said. “Additional information about logs available on such markets includes the lists of domains found in the log as well as the information about the IP address of the compromised host.”

See Also: Reddit Hackers Demand $4.5 Million and API Pricing Changes