As a result of recent research, login credentials of more than 100,000 hacked ChatGPT accounts entered the dark web market by May 2023.

Group-IB according to their research and the findings they obtained, user names and passwords were discovered, where information sold through forms on the dark web was stolen by malicious software.

There are several reasons why AI-powered ChatGPT account credentials are the focus of attack and are stolen;

First, the increasing use of OpenAI's ChatGPT in the workplace increases the risk of confidential and sensitive information falling into the hands of unauthorized persons.

There is also a potential danger that employees may have reused the same password for their ChatGPT account as for other online accounts, increasing the possibility that attackers could access other online accounts, using compromised details to steal other corporate data.

According to the researchers, most of the ChatGPT credentials were found to be compromised by the malware called Raccoon.

Raccoon malware is used by attackers to steal sensitive data from victim's browsers and cryptocurrency wallets, retrieve saved credit card information, saved login information, and extract information from cookies.

Hackers and scammers can access and purchase Raccoon for as little as $200 per month.

Development of Raccoon malware, Ukrainian citizen Mark Sokolovsky at FBI requestIt was interrupted after its arrest in the Netherlands, but its current versions continue to be actively sold and used.