Cybersecurity Firm Uncovers Over 100K Stolen ChatGPT Credentials On The Dark Web

With all the excitement around ChatGPT, it is no wonder that threat actors are taking advantage of the situation. Besides having those with malicious intentions steal your Facebook account, they might also be stealing your ChatGPT account credentials as well, following the discovery of over 100,000 compromised ChatGPT accounts on dark web marketplaces.

Threat intelligence organization Group-IB announced today the identification of 101,134 devices infected with info stealer malware and saved ChatGPT credentials. Evidence of these infected devices has shown up online in dark web marketplaces where ChatGPT credentials have also been traded over the last year. This is because “ChatGPT accounts have already gained significant popularity within underground communities” thanks to the potential for containing sensitive information about an organization.


Group-IB also reports that the majority of compromised ChatGPT accounts stem from the Raccoon info stealer, a popular malicious software for stealing credentials, bank information, and more. Further, the researchers found that the Asia-Pacific region was the most affected, with “the highest concentration of ChatGPT credentials being offered for sale over the past year.” More specifically, India took the top spot in the number of compromised ChatGPT credentials with a hefty 12,632 accounts.

This may be why companies like Google now warn its employees about the dangers of ChatGPT and sensitive information. Regardless, Group-IB recommends that users update passwords regularly and implement two-factor authentication. We also recommend that users not input sensitive information anywhere they would not want it public, especially any chatbot system like ChatGPT.