Uncategorized

225,000+ ChatGPT Credentials Up For Sale on Dark Web Markets

Group-IB has released its latest report, “Hi-Tech Crime Trends 2023/2024,” highlighting critical global cyber threats.

The report reveals a concerning trend where over 225,000 compromised ChatGPT credentials are being sold on dark web markets, posing security risks for businesses.

AI in the hands of Cybercriminals

Key Points:

  • Cyber Threat Landscape: The report emphasizes the growing collaboration between ransomware and Initial Access Brokers (IABs), leading to a surge in cyber threats globally.
  • AI Integration: Cybercriminals are leveraging artificial intelligence (AI) technologies like large language models (LLM) such as ChatGPT to develop sophisticated malware and enhance their operational efficiency.
  • Dark Web Sales: Group-IB detected a substantial number of compromised ChatGPT credentials for sale on illicit dark web platforms, with over 225,000 logs available from January to October 2023.
  • Ransomware Activity: The report highlights a significant increase in ransomware attacks, with 4,583 companies having their data published on ransomware Dedicated Leak Sites (DLS) in 2023.
  • APT Attacks: Nation-state-sponsored threat actors, known as Advanced Persistent Threat (APT) groups, targeted various regions globally, with the Asia-Pacific region being a major battleground.
Document
Integrate ANY.RUN in your company for Effective Malware Analysis

Are you from SOC and DFIR teams? – Join With 400,000 independent Researchers

Malware analysis can be fast and simple. Just let us show you the way to:

  • Interact with malware safely
  • Set up virtual machine in Linux and all Windows OS versions
  • Work in a team
  • Get detailed reports with maximum data
  • If you want to test all these features now with completely free access to the sandbox: ..

Rise of AI in Cyber Threats

Group-IB’s report, which has been a critical resource for fighting digital crime for over a decade, has, for the first time, included a section on AI and its implications for cybersecurity.

The report details how AI technologies, including large language models like ChatGPT, are being exploited by cybercriminals to develop malware, brainstorm new tactics, techniques, and procedures (TTPs), and enhance social engineering attacks.

The United States was the most common target for ransomware groups, as 1,060 US-based companies were the subject of ransomware DLS posts in 2023. The next most affected countries were Germany (129), Canada (115), France (103), and Italy (100).

Global Ransomware Activity

The majority of these compromised accounts were breached by the LummaC2 information stealer, indicating a targeted approach by cybercriminals to exploit ChatGPT’s growing popularity in the professional sphere

Ransomware and Initial Access Brokers: A Persistent Threat

The report also sheds light on the persistent threat posed by ransomware and Initial Access Brokers (IABs).

In 2023, Group-IB’s Threat Intelligence unit detected a 74% increase in the number of companies that had their data published on ransomware-dedicated leak sites (DLS).

Global Nation Wide Attacks

IABs, skilled at exploiting security vulnerabilities, continue to facilitate ransomware attacks by selling unauthorized access to networks.

The average price for corporate access dropped by 27% in 2023, suggesting an increase in the number of sellers and a competitive market.

Group-IB’s latest report underscores the evolving nature of cyber threats and the critical role AI is playing in this landscape.

The sale of compromised ChatGPT credentials on the dark web is a stark reminder of the importance of cybersecurity vigilance.

As AI continues to be integrated into corporate environments, the potential for misuse by cybercriminals grows, making it imperative for organizations to strengthen their defenses against these emerging threats.

You can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits, with Perimeter81 malware protection. All are incredibly harmful, can wreak havoc, and damage your network.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

Gurubaran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

Node.js systeminformation Package Vulnerability Exposes Millions of Systems to RCE Attacks

A critical command injection vulnerability in the popular systeminformation npm package has recently been disclosed, exposing millions…

22 hours ago

Skuld Malware Using Weaponized Windows Utilities Packages To Deliver Malware

Researchers discovered a malware campaign targeting the npm ecosystem, distributing the Skuld info stealer through…

2 days ago

BellaCiao, A new .NET Malware With Advanced Sophisticated Techniques

An investigation revealed an intrusion in Asia involving the BellaCiao .NET malware, as the initial…

2 days ago

Malicious Apps On Amazon Appstore Records Screen And Interecpt OTP Verifications

A seemingly benign health app, "BMI CalculationVsn," was found on the Amazon App Store, which…

2 days ago

Lazarus Hackers Using New VNC Based Malware To Attack Organizations Worldwide

The Lazarus Group has recently employed a sophisticated attack, dubbed "Operation DreamJob," to target employees…

2 days ago

New Python NodeStealer Attacking Facebook Business To Steal Login Credentials

NodeStealer, initially a JavaScript-based malware, has evolved into a more sophisticated Python-based threat that targets…

2 days ago