Check Point Research (CPR) has been at the forefront of notifying the security challenges that come with ChatGPT, and their recent findings call for immediate concern and precaution for OpenAI and ChatGpt users, respectively. CPR reveals that there is an increase in the trade of stolen ChatGPT Premium accounts in the dark web forum. The demand is rising, and the merchandise includes:
- a complete premium ChatGPT account
- information and credentials gotten from a hacked premium ChatGPT account
- tools such as bruteforcing and checkers used to hack ChatGPT accounts
- opening a ChatGPT premium account with stolen payment cards.
The report came in March 2023, and the impact among loss of account, credit card details, and sensitive information include bypassing geofencing restrictions imposed on ChatGPT by OpenAI. CPR found out that cybercriminals often exploit the fact that users recycle the same password across multiple platforms and load combinations of emails and passwords into an account checker software.
CPR also found the sale of a configuration file for SilverBullet- a web testing suite that allows users to perform requests toward a target web application. SilverBullet is a configurable suite, and threat actors capitalise on this feature to adjust the suite to conduct checking or bruteforcing attacks against any website. The SilverBullet configuration auctioned for sale could allow checking a set of credentials for OpenAI’s platform in an automated way. Also, it supports proxy implementation, which in many cases, allows it to bypass different protections on the website against such attacks.
CPR confirmed seeing a criminal named “gpt4”, who sells not only ChatGPT 4 premium account but also a configuration for another automated tool that checks the credential validity. Similarly, on March 20th, an English-speaking black hat started advertising a ChatGPT Plus lifetime account service with 100% satisfaction guaranteed. While OpenAI charges $20 for this service per month, the threat actor offered it for $59.99.
Unfortunately, a number of underground users have already left positive feedback for all these services and have vouched for them. Payments for the service are usually done using previously compromised payment cards, as confirmed by CPR. Check Point previously reported that ChatGPT account store the recent queries of the account owner, widening the risk faced by the victim whose account was compromised.