Kaspersky, ChatGpt accounts stolen on the dark web
In 2023, another 3,000 posts were identified on the dark web and Telegram shadow channels
In 2023, the Kaspersky Digital Footprint Intelligence service discovered nearly 3,000 posts on the dark web, discussing the use of ChatGpt for illegal purposes or referring to tools based on AI-based technologies.
“The popularity of AI tools has favored the integration of automatic replies from ChatGpt or its equivalents into some cybercriminal forums. Additionally, threat actors tend to share jailbreaks through various dark web channels – special prompt sets that can unlock additional functionality – and to devise ways to exploit legitimate tools, such as those for template-based pentesting, for malicious purposes,”
explained Alisa Kulishenko of Kaspersky.
In addition to chatbots and artificial intelligence, a lot of attention is being paid to projects like xxxgpt , Fraudgpt and others.
These language models are marketed on the dark web as alternatives to ChatGpt, boasting additional features and the absence of the original limitations. Another threat to individuals and businesses is the account market for the paid version of ChatGpt.
In 2023, another 3,000 posts (in addition to those already mentioned) advertising ChatGpt accounts for sale were identified on the dark web and in Telegram's shadow channels. These posts distribute stolen accounts or promote automatic registration services that mass create accounts on demand. In particular, some posts were published repeatedly across multiple dark web channels.
The dynamics of dark web posts offering stolen ChatGpt accounts or self-registration services.
«Generative AI and chatbots are unlikely to revolutionize the attack landscape, at least in 2024. The automated nature of cyberattacks often means automated defenses. However, staying informed about attackers' activities is critical to staying ahead of adversaries in terms of enterprise cybersecurity,” Kulishenko added.
To avoid threats related to the activities of cybercriminals in Internet shadow channels, Kaspersky experts believe it is appropriate to recommend the following security measures:
using Kaspersky Digital Footprint Intelligence helps security analysts explore an adversary's view of corporate assets, quickly uncovering potential attack vectors available. This also helps to raise public awareness of existing threats from cyber criminals, in order to adjust defenses accordingly or promptly adopt counteraction and elimination measures;
choose a reliable endpoint security solution, such as Kaspersky Endpoint Security for Business, with behavior-based detection and anomaly checking capabilities for effective protection against known and unknown threats;
dedicated services can help combat high-profile attacks. The Kaspersky Managed Detection and Response service can help identify and block intrusions in their early stages, before the perpetrators achieve their goals. If an incident occurs, the service helps to react and reduce the consequences, in particular to identify compromised nodes and protect the infrastructure from similar attacks in the future.