UPDATED 19:21 EST / JULY 20 2023

SECURITY

200,000+ OpenAI credentials found for sale on the dark web

More than 200,000 OpenAI LP credentials have been discovered for sale on the dark web, according to new research.

Bleeping Computer reported Wednesday that the figure came from researchers at security company Flare Systems Inc., which analyzed dark web forums and marketplaces, shady sites reachable with special software. It found that OpenAI credentials are among the latest commodities available. Although 200,000 is a significant figure, the estimated number of OpenAI users, including ChatGPT users, sat at about 100 million as of January and no doubt has grown considerably since then.

The stolen credentials apparently show that generative artificial intelligence tools have the potential for malicious activity. The figure is also roughly double the figure of over 100,000 ChatGPT login credentials found by cybersecurity company Group-IB Global Private Ltd. in a report in June.

Following the Group-IB report, OpenAI said last month that it “maintains industry best practices for authenticating and authorizing users to services including ChatGPT” and that it encourages users to use strong passwords and install only verified and trusted software on personal computers.

“With the rise of generative AI, it is no surprise that credentials for generative AI tools and chatbots are a sought-after form of data,” Philipp Pointner, chief of digital identity at identity verification services company Jumio Corp., told SiliconANGLE. “With over 200,000 OpenAI credentials up for grabs on the dark web, cybercriminals can easily get their hands on other personal information like phone numbers, physical addresses and credit card numbers.”

Pointner warned that generative AI chatbots also bring an additional concern. “With these credentials, fraudsters can gain access to all types of information users have inputted into the chatbot, such as content from their previous conversations and use it to create hypercustomized phishing scams to increase their credibility and effectiveness,” he added.

The interest hackers have in generative AI was emphasized in a report on July 13 that detailed “WormGPT,” a custom AI tool that is being used for nefarious purposes.

Developed in 2021, WormGPT is an AI model built on the GPTJ language model that offers enhanced features, including unlimited character support, chat memory retention and code formatting capabilities. Unlike its ChatGPT and other ethical GenAIs, WormGPT has been explicitly designed for malicious activities and has been observed to produce cunning and persuasive Business Email Compromise emails.

Image: Pexels

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU