Cointime

Cointime

Download App
iOS & Android
Home / Security

Over 100,000 OpenAI ChatGPT Account Credentials Stolen and Sold on Dark Web Marketplaces

June 21 (Cointime) - Over 101,100 OpenAI ChatGPT account credentials were stolen and sold on illicit dark web marketplaces between June 2022 and May 2023, with India accounting for 12,632 stolen credentials. Information stealers like Raccoon, Vidar, and RedLine were used to breach the accounts, with the majority of the logs containing compromised ChatGPT accounts (78,348) being breached by Raccoon.

The Asia-Pacific region has experienced the highest concentration of ChatGPT credentials being offered for sale over the past year, according to cybersecurity firm Group-IB. To mitigate such risks, users are recommended to follow appropriate password hygiene practices and secure their accounts with two-factor authentication.

Cybersecurity
Comments

All Comments

Recommended for you

  • Cointime精选 ·

    Lightning In A High Fee Environment: Implications for Bitcoin’s Scalability

    The topic of scaling Bitcoin dates back to its very first mailing post. In response to Satoshi’s original message, James McDonald said, “We very, very much need such a system, but the way I understand your proposal, it does not seem to scale to the required size” — a remark that probably wasn’t the welcome Satoshi had anticipated. Nonetheless, this marked the beginning of a seemingly never ending, complex debate.
    Lightning In A High Fee Environment: Implications for Bitcoin’s Scalability

  • Rugpull occurs on Ethereum with fake NOT tokens

    PeckShield has monitored that the fake token Notcoin (NOT) on Ethereum has dropped 100%. An address starting with 0xE0eB sold 1,645,040,633,338,481.95 NOT and exchanged it for 93.5 WETH (valued at $281,000 USD). Note: Rugpull tokens have the same name as legitimate tokens.

  • The Sonne Finance hacker address has exchanged 56 WBTC into about 1,185 ETH

    According to PeckShield's monitoring, Sonne Finance hacker address 0x6277...4c07 has exchanged 56 WBTC for approximately 1,185 ETH and 3 WBTC for 183,000 DAI.

  • Sonne Finance: This attack was a donation attack. We are investigating the attacker and have suspended the market.

    Sonne Finance released an attack analysis report. This was a donation attack. Sonne had avoided this problem in the past by adding a collateral factor of 0% to the market, adding collateral and then destroying it, and only then increasing c-factors according to the proposal. Sonne recently passed a proposal to add the VELO market to Sonne. This transaction was arranged on a multi-signature wallet, and c-factors were arranged to be executed within 2 days due to the time lock. When the 2-day time lock for creating the market ended, the attacker executed 4 of the transactions and then executed the transaction to add c-factors to the market. The attacker was able to use the protocol to obtain approximately $20 million in funds through a known donation attack. Seal contributors quickly noticed this issue and reserved approximately $6.5 million by adding VELO worth approximately $100 to the market. Sonne is investigating the attacker and has suspended the market to mitigate further losses. Sonne is prepared to offer a bounty to the attacker and promises not to pursue the issue further if the attacker returns the funds.

  • Sonne Finance confirms attack, but still has about $6.5 million in funds

    On May 15th, Sonne Finance announced that its Optimism protocol had suffered a known donation attack, resulting in a loss of approximately $20 million. The attack exploited a vulnerability in the newly launched market and within two days of its creation, the attacker used a multi-signature wallet and time-lock function to execute critical transactions, successfully manipulating the market's collateral factors (c-factors). Despite Sonne's team quickly organizing a response to the attack and suspending the market within 25 minutes of discovering the issue to minimize further losses, approximately $6.5 million in funds were still retained. Sonne's team is working hard to track down the identity of the attacker and has offered a bounty to the attacker in the hopes of returning the funds to avoid further investigation. At the same time, Sonne's team sincerely apologizes for this incident and is reaching out to all possible partners to try to recover the funds.

  • A certain address may have lost assets worth about $4.3 million due to private key leakage

    According to CertiK monitoring shows that due to suspicious transactions, preliminary evidence suggests that the private key may have been leaked, and a total of approximately $4.3 million worth of assets have been transferred to the address 0x2705.

  • Chainalysis: Around $24 Million in Crypto to be Stolen by Impostors and Tax Authorities in 2023

    According to Chainalysis, by 2023, approximately $24 million worth of cryptocurrency will be stolen through impersonation and tax authority scams. The company estimates that as of April 2024, the total amount stolen will be close to $17 million.

  • Multisig Exploit hacker-related addresses become active and launder money

    Multisig Exploit's hacker attack was the first hacker attack in ETH's history, with over 150,000 ETH stolen, worth about $30 million at the time (back in July 2017). Today it is worth nearly $450 million, and more than 80,000 ETH is still involved in the addresses starting with 0xb37647. The address has sent about 70,000 ETH to seven different addresses, each with 10,000 ETH. In recent months, these different addresses have been slowly laundering the money. One of the addresses starting with 0x5167052 has recently become active again.

  • TON community member: Some TON wallets received virtual account NFTs starting with "888", which is a phishing project

    On May 13th, according to a member of the TON official community, a new NFT with a virtual number starting with "888" has been added to the TON wallet. However, the transaction fee for each transfer is as high as 1 TON, which is caused by the fishing project changing the Gas.

  • WinRAR Zero-Day Vulnerability Allowed Hackers to Breach Crypto and Stock Trading Accounts

    Developers of the file compression software WinRAR have fixed a zero-day vulnerability that was being exploited by hackers to install malware on unsuspecting victims' computers. The vulnerability allowed hackers to breach online crypto and stock trading accounts. The exploit was used for approximately four months, during which time malicious RAR and ZIP archives were distributed on trading forums, infecting at least 130 devices.

Daily Must-Read

Popular Activities

Delysium $AGI & AI Private Yacht Party

Delysium $AGI & AI Private Yacht Party

March 27 - March 27
Seoul

Popular Tags

Cointime
News
Contents
RSS
Company