Malware has managed to compromise an alarming number of over 101,000 ChatGPT user accounts in the past year, the latest reports have indicated.
Cybersecurity company Group-IB has successfully identified these cyberattacks targeting ChatGPT accounts on various hidden websites.
According to ITNews.Com, the peak of these attacks occurred in May 2023, with approximately 26,800 new sets of ChatGPT credentials exposed.
“The Asia-Pacific region was hit the hardest, experiencing almost 41,000 compromised accounts between June 2022 and May 2023. Europe followed with nearly 17,000 compromised accounts, while North America ranked fifth with 4,700 accounts compromised,” the report stated.
It is reported that cybersecurity expert, Benoit Grunewald from ESET France expressed concerns about the lack of awareness among ChatGPT users regarding the sensitive information stored in their accounts, which cybercriminals actively target.
He noted that ChatGPT stores all input requests by default, making it accessible to individuals with account privileges.
Additionally, he highlighted how cybercriminals are leveraging ChatGPT in their malware attacks, “To steal valuable digital assets such as cryptocurrency wallet records, login credentials and saved browser logins.”
To enhance security, Mr Grunewald emphasized the need for two-factor authentication/multi-factor authentication (2FA/MFA) for regular users with free access to ChatGPT.
He recommended disabling the chat logging feature unless necessary and opting for trusted single sign-on options like Google, Microsoft, or Apple, which offer 2FA.
He also advised users to exercise caution when providing information to chatbots and other cloud-based services, as they become attractive targets for threat actors.
By prioritizing security measures and making informed choices, users can safeguard their valuable information from falling into the wrong hands.
