Here’s something else AI can do: expose bad infosec to give cyber-crims a toehold in your organization


Stolen ChatGPT credentials are a hot commodity on the dark web, according to Singapore-based threat intelligence firm Group-IB, which claims to have found some 225,000 stealer logs containing login details for the service last year.

Group-IB reported finding those logs in its annual High Tech Crime Tends report published last week. The document alleges it found the logs for sale on the dark web between January and October 2023.

Keep in mind these are stealer logs containing credentials, not username/password pairings – meaning there may be far more than 225k credential sets available for misuse.

According to Group-IB, it found around 130,000 of the ChatGPT credential-containing logs in the five months from June to October, 2023, representing a 36 percent increase in the number of logs found in the prior five-month period between January and May of last year.

“With more employees relying on ChatGPT for work optimization and its storage of past interactions, compromised logins could expose sensitive information, posing significant security risks for businesses,” Group-IB warned in a blog post summarizing its report.

Read more…