According to a recent report by cybersecurity firm Group-IB, more than 100,000 OpenAI ChatGPT credentials appeared on underground online marketplaces between June 2022 and May 2023. The investigation by Group-IB identified around 101,134 infected devices containing stolen ChatGPT credentials.
The report highlighted that the Asia Pacific region experienced the highest number of compromised ChatGPT accounts, accounting for 40.5% of the total incidents during the specified period. The Middle East and Africa followed with 24,925 instances, and Europe with 16,951 incidents.
Among the countries affected India had the highest number of compromised ChatGPT credentials, with 12,632 accounts compromised. Pakistan closely followed with 9,217 compromised accounts, while Brazil had 6,531 instances. Bangladesh reported the least number of cases, with 2,463 compromised accounts.
Info stealers, a type of malicious software, are responsible for collecting stored information from web browsers, including sensitive data such as cookies, browsing history, bank card details, and crypto wallet information. These info stealers can also extract data from instant messaging applications, emails, and other sensitive information on victims’ devices.
To mitigate the risks associated with compromised ChatGPT accounts, Group-IB advises users to take certain precautions. This includes regularly updating passwords and implementing two-factor authentication (2FA). By enabling 2FA, users are required to provide an additional verification code, usually sent to their mobile devices, before accessing their ChatGPT accounts. These measures can provide an extra layer of security against unauthorized access and data theft.