ShiftDelete.Net Global

Dark Web trades: Stolen ChatGPT Premium accounts

Ana sayfa / CyberSecurity

Researchers have identified various types of discussions and trades related to ChatGPT on the dark web, including the leak and free publication of credentials, trade of stolen premium ChatGPT accounts, and the sale of brute forcing and checking tools. These tools enable criminals to hack into ChatGPT accounts by attempting various email and password combinations. Moreover, cybercriminals are offering ChatGPT account-as-a-service, which likely uses stolen payment cards to open premium accounts.

SilverBullet Configuration for Sale

Criminals are also offering a configuration file for SilverBullet, allowing automated credential checks for OpenAI‘s platform. This tool is used in credential stuffing and account checking attacks against websites, allowing cybercriminals to steal accounts on a large scale.

An English-speaking cybercriminal began advertising a ChatGPT Plus lifetime account service on March 20th, according to Check Point. The lifetime upgrade costs $59.99, significantly cheaper than OpenAI’s legitimate monthly pricing of $20. Furthermore, the service offers the option to share access to the ChatGPT account with another cybercriminal for $24.99, making it even more appealing for those looking to save costs.

Potential Risks of Stolen ChatGPT Account Credentials

High demand for stolen premium ChatGPT account credentials stems from their ability to help cybercriminals bypass geofencing restrictions. By using the ChatGPT API, they can access premium accounts and services even in restricted areas such as Iran, Russia, and China. Additionally, stolen accounts grant criminals access to previous queries made by the account’s original owner, potentially revealing personal information, corporate product details, and more.

Increasing Privacy Concerns Surrounding ChatGPT

ChatGPT has faced multiple privacy and security concerns in recent months. Italy’s data privacy regulator banned the service over alleged violations related to data collection and storage. To lift the ban, OpenAI must meet a set of data protection requirements by April 30. Germany’s data protection commissioner has also warned of a potential block due to data security concerns. OpenAI recently announced a bug bounty program, offering cash rewards for identifying and addressing vulnerabilities in its generative artificial intelligence systems.

Yorum Ekleyin