
Over 100K Stolen ChatGPT Account Credentials Found on Dark Web Marketplaces

  • Written by Shipra Sanganeria Cybersecurity & Tech Writer

Since June 2022, credentials for more than 101,000 compromised ChatGPT accounts have found their way to illicit dark web marketplaces. The stolen credentials were found within the logs of information-stealing malware and were available for sale in illegal underground communities, Group-IB’s post stated.

The year-long research by the Singapore-based cybersecurity company disclosed an alarming trend. Increasing use of the OpenAI platform by employees has led to a consistent increase in the availability of stolen credentials, from 74 in June 2022 to 26,802 in May 2023.

“Many enterprises are integrating ChatGPT into their operational flow. Employees enter classified correspondences or use the bot to optimize proprietary code,” said Group-IB’s Dmitry Shestakov.

Among the regions, Asia Pacific saw the highest number of accounts (40.5%) compromised, followed by Middle East & Africa (24.6%). The investigation further revealed that the info-stealer most commonly used was Raccoon (78,348), followed by Vidar (12,948) and Redline (6,773).

Info-stealers are a type of malware that helps hackers extract sensitive information from the victim’s machine, including data saved in web browsers, history, cookies, crypto wallets, social media platforms and emails, as well as bank and credit card details. The extracted data is transferred to a command-and-control (C2) server managed by the threat actor, who later trades it as logs on the dark web for a one-time fee or on a monthly subscription.

“Stealers work non-selectively. This type of malware infects as many computers as possible through phishing or other means in order to collect as much data as possible. Info stealers have emerged as a major source of compromised personal data due to their simplicity and effectiveness,” revealed the investigation.

To mitigate such risks, it’s essential to bolster security practices by regularly updating the passwords associated with online accounts and by enabling two-factor authentication.


Data Breach: Ransomware Group Threatens to Leak Data Stolen from Reddit

  • Written by Shipra Sanganeria Cybersecurity & Tech Writer

The BlackCat ransomware threat actors have taken credit for the February 2023 attack on social platform Reddit. The gang, also known as ALPHV, has threatened to leak 80GB of stolen data unless it is paid a ransom of $4.5 million. The threat actors have also demanded the rollback of Reddit’s recently announced API pricing policy.

Cybersecurity researcher Dominic Alvieri was the first to spot BlackCat’s claim to be behind the 5th February data breach at Reddit. The group shared a post named ‘The Reddit Files’ on its data leak blog site, where it not only claimed the cyberattack but also shared details about its attempts to contact Reddit. The group claims to have contacted the company twice and is now threatening to release the data because its demands are not being met.

At the time of the attack, Reddit’s CTO had confirmed in a post that, in a highly targeted phishing attack, unknown threat actors had gained access to its systems and stolen some internal documents, code, dashboards and business systems.

The exposed data also included some advertisers’ information and past and current employee credentials. However, the hackers were unable to breach Reddit’s primary server, so no user passwords, credit card information or account details were exposed. “We show no indications of breach of our primary production systems (the parts of our stack that run Reddit and store the majority of our data).”

On discovering the incident, the company immediately deployed containment measures to mitigate the threat. It not only removed the unauthorized access but also launched an internal investigation. It also assured users that it would continue to monitor the incident and strengthen its security systems to avoid similar attacks in the future.

Reddit also urged users to adopt simple yet effective security measures such as setting up 2FA (two-factor authentication) and using a password manager. In the current times of cyberattacks and data breaches, a password manager helps secure online accounts, including personal information and identity.