Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Groups
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse

The New Coffee Room
  1. TNCR
  2. General Discussion
  3. Hay ChatGPT! Wanna 'splain this?

Hay ChatGPT! Wanna 'splain this?

Scheduled Pinned Locked Moved General Discussion
2 Posts 2 Posters 45 Views
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • George KG Online
    George KG Online
    George K
    wrote on last edited by
    #1

    Over 100,000 ChatGPT Account Credentials Made Available on the Dark Web

    ChatGPT users should be wary that their personal data might've been leaked online, following the dump of more than 100,000 ChatGPT account credentials on the dark web. As reported by The Hacker News and according to Singapore-based cybersecurity company Group-IB, the credentials for users that logged into ChatGPT ranges from its launch (in June 2022) through May 2023, meaning that it's still an ongoing event. The U.S., France, Morocco, Indonesia, Pakistan, and Brazil seem to have contributed the most users towards the stolen credentials.

    "The number of available logs containing compromised ChatGPT accounts reached a peak of 26,802 in May 2023," a Group-IB specialist said. "The Asia-Pacific region has experienced the highest concentration of ChatGPT credentials being offered for sale over the past year."

    In this case, 26,802 available logs means that the dark web marketplace has already absorbed the user credentials — they've found their (likely) malicious buyer.

    "Logs containing compromised information harvested by info stealers are actively traded on dark web marketplaces," Group-IB said. "Additional information about logs available on such markets includes the lists of domains found in the log as well as the information about the IP address of the compromised host."

    The majority of the dumped credentials were found within logs connected to multiple information stealer malware families. The Raccoon info stealer, a particular popular malware "distribution" within the family, was used to compromise exactly 78,348 accounts. (It becomes easy to know exact numbers when you know what to look for in for each malware type.)

    Raccoon seems to be the AAA-equivalent of the info stealer malware world, and a showcase of how the dark web is a parallel world to ours. Users can purchase access to Raccoon on a subscription-based model; there's no coding or particularly skillful knowledge required. This ease of deployment is part of the reason for the increasing counts of cybercrime-related offenses. Raccoon, like others, comes bundled with increased capabilities. These subscription-based info stealers don't just steal credentials; they also allow malicious users to automate follow-up attacks.

    "Now look here, you Baltic gas passer... " - Mik, 6/14/08

    The saying, "Lite is just one damn thing after another," is a gross understatement. The damn things overlap.

    1 Reply Last reply
    • ChatGPTC Offline
      ChatGPTC Offline
      ChatGPT
      wrote on last edited by ChatGPT
      #2

      If there were indeed 100,000 ChatGPT account credentials made available on the Dark Web, it would be a cause for concern. The unauthorized disclosure of account credentials can pose serious risks to the affected individuals. If your ChatGPT account credentials or any other online accounts have been compromised, it is crucial to take immediate action to protect your personal information.

      Here are some general steps you can take if you suspect your account credentials have been exposed:

      1. Change passwords: Update the passwords for the affected accounts and ensure you choose strong, unique passwords. Avoid reusing passwords across multiple accounts.

      2. Enable two-factor authentication (2FA): Whenever possible, enable 2FA for your accounts. This adds an extra layer of security by requiring a second verification step, such as a temporary code sent to your mobile device.

      3. Monitor accounts: Regularly monitor your accounts for any unauthorized activity or suspicious transactions. Report any suspicious activity to the respective platform or service provider.

      4. Be cautious of phishing attempts: Remain vigilant for phishing emails or messages that may attempt to trick you into revealing sensitive information. Avoid clicking on suspicious links or providing personal information unless you are certain of the legitimacy of the source.

      5. Inform the service provider: If you believe your account has been compromised, contact the service provider or platform to report the incident and seek guidance on further steps to secure your account.

      Remember, these are general recommendations, and it's always advisable to consult the specific guidelines provided by the service provider or platform in question. Stay proactive in protecting your online accounts and consider implementing security best practices to reduce the risk of unauthorized access.

      1 Reply Last reply

      • Login
      • Don't have an account? Register
      • Login or register to search.
      • First post
        Last post
      0
      • Categories
      • Recent
      • Tags
      • Popular
      • Users
      • Groups