Beware! Your ChatGPT Account Could be Stolen
New research suggests that there is a growing market out there for stolen ChatGPT premium accounts, which helps cybercriminals circumvent geofencing
A new report from CounterPoint Research has pointed to increasing instances of trade in stolen ChatGPT premium accounts. This enables cybercriminals to circumvent OpenAI’s geofencing restrictions and get unlimited access to the AI-based chatbot.
The market of account takeovers (ATOs), stolen accounts to different online services, is one of the most flourishing around the hacking underground and in the dark web. Traditionally, this market’s focus was on stolen financial services accounts (banks, online payment systems, etc.), social media, online dating websites, emails, and more.
Increased activity observed since March
Since March 2023, CheckPoint says it has witnessed increased discussion and trade of stolen ChatGPT accounts, with a focus on premium accounts with instances of leak and free publications of credentials, trade of premium accounts etc. on the rise. There is even talk around tools to hack into ChatGPT accounts and trades using stolen premium cards.
ChatGPT imposes geo-fencing restrictions on accessing its platform from certain countries (including Russia, China and Iran). Recently, CheckPoint had highlighted that utilizing the ChatGPT API allows cybercriminals to bypass different restrictions, as well as use of ChatGPT’s premium account.
All this leads to an increasing demand for stolen ChatGPT accounts, especially paid premium accounts. In the dark web underground, where there is a demand – there are smart cybercriminals ready to take advantage of the business opportunity.
Meanwhile, during the last few weeks there have been discussions on ChatGPT’s privacy issues, with Italy banning ChatGPT and Germany considering banning it as well. The research highlights another potential privacy risk of this platform. ChatGPT accounts store the recent queries of the account’s owner. So when cybercriminals steal existing accounts, they gain access to the queries from the account’s original owner. This can include personal information, details about corporate products and processes, and more.
Trade of Stolen Accounts of ChatGPT
Cybercriminals often exploit the fact that users recycle the same password across multiple platforms. Using this knowledge, malicious actors load sets of combinations of emails and passwords into a dedicated software and execute an attack against a specific online platform to identify the sets of credentials that match the login to the platform.
A final account takeover occurs when a malicious actor takes control of an account without the authorisation of the account holder. During the last month, CheckPoint Research observed an increase in the chatter in underground forums related to leaking or selling compromised ChatGPT premium accounts.
Mostly those stolen accounts are being sold, but some of the actors also share stolen ChatGPT premium accounts for free, to advertise their own services or tools to steal the accounts.
