Computer keyboard. Illustrative photo.
Prague – The volume of trade with stolen premium ChatGPT accounts is growing on the Internet, which cybercriminals use, among other things, to circumvent bans and restrictions in a number of countries. For example, in Russia, China or Iran. When cybercriminals steal access data, they also obtain the original owner's query history, which may contain personal and company information. This was reported today by the security firm Check Point.
According to her, ChatGPT accounts are the new hit among cybercriminals, along with accounts for financial services, social networks, online dating sites or e-mails. “Cybercriminals often rely on users using the same passwords on different platforms. So when any credentials are compromised, they enter the stolen credentials into a specialized tool and perform login attempts to identify whether the stolen credentials are valid for logins on other services,” said Check Point regional director Miloslav Lujka.
According to the company, hackers usually sell stolen accounts, but sometimes they also offer them for free to promote their own services or account theft tools. Various tools such as SilverBullet can be used to check credentials or brute force access. Check Point points out that the cybercriminal offered, for example, a configuration file for SilverBullet, which enables automated verification of credentials for the OpenAI platform. It can check 50 to 200 accounts per minute, allowing for bulk account theft. In addition, it can bypass various protections on websites.
OpenAI's popular ChatGPT chat system based on artificial intelligence (AI) can generate articles, essays, jokes, and even poetry based on simple queries. In addition to free accounts, there are paid premium ChatGPT accounts with extended features.