The Rising Threat of Information Stealers: Protecting Your Online Security

In the digital age, our reliance on technology has opened up a Pandora's box of cyber threats. One such alarming trend is the increasing number of compromised ChatGPT accounts. Between June 2022 and May 2023, over 101,100 ChatGPT accounts were compromised and found on the dark web. Shockingly, India alone contributed 12,632 stolen credentials to this distressing statistic.

These cybercrimes were orchestrated by information stealers, malicious actors lurking in the depths of the internet. Group-IB, a renowned cybersecurity firm, uncovered these stolen credentials within information stealer logs that were shamelessly traded on the cybercrime underground.

The magnitude of compromised ChatGPT accounts reached an astounding 26,802 in May 2023. The Asia-Pacific region emerged as the epicenter of this shady business, with the highest concentration of ChatGPT credentials being peddled over the past year.

Let's take a closer look at the countries that made the most significant contributions to this sinister collection of compromised ChatGPT credentials. Apart from India, the top offenders include:

  • Pakistan
  • Brazil
  • Vietnam
  • Egypt
  • U.S.
  • France
  • Morocco
  • Indonesia

Upon further investigation, it was revealed that the notorious Raccoon info stealer topped the list, accounting for a staggering 78,348 logs containing ChatGPT accounts, followed by:

  • Vidar with 12,984 compromised logs
  • RedLine with 6,773 infiltrations.

These information stealers have gained popularity among cybercriminals due to their ability to snatch passwords, cookies, credit cards, and other valuable data from unsuspecting internet users. They have even managed to target cryptocurrency wallet extensions, demonstrating a knack for swiping sensitive information.

To exacerbate the issue, these logs containing stolen information are actively traded on dark web markets. It is unfathomable that cybercriminals treat personal data as a commodity, openly bartering with it. Such actions are despicable and a grave violation of privacy.

What's even more disconcerting is that these stolen credentials serve as gateways for launching follow-on attacks. This domino effect of cybercrime perpetuates further malicious activities, not only aiding the original perpetrators but also putting everyone else at risk.

Now, here's an eye-opening revelation: many enterprises have wholeheartedly embraced ChatGPT, incorporating it into their day-to-day operations. Employees rely on it for classified correspondences or use the bot to refine proprietary code. However, ChatGPT's default setup retains every single conversation. Imagine the treasure trove of sensitive intelligence that falls into the hands of threat actors if they manage to acquire those account credentials. It's a nightmare waiting to happen.

To safeguard against such risks, it is highly recommended that users adopt proper password hygiene practices. It's time to take your passwords seriously. Additionally, fortify your accounts with the reliable two-factor authentication (2FA) mechanism. By doing so, you add an extra layer of security to your virtual castle, protecting it from malicious intruders.

Amidst the chaos, an ongoing malware campaign has been making waves. It revolves around fake OnlyFans pages and irresistible adult content lures. Crafty cybercriminals employ these tactics to deliver a remote access trojan known as DCRat (or DarkCrystal RAT) and an information stealer right to your virtual doorstep.

But hold your horses; this campaign has been unfolding since January 2023, managing to remain under the radar. Victims are enticed into downloading ZIP files that supposedly contain steamy photos or exclusive OnlyFans content featuring popular adult film actresses. This sly trick aims to lure unsuspecting individuals into their trap.

As if that weren't enough, a new VBScript variant of a malware called GuLoader (or CloudEyE) has emerged. This devious malware utilizes tax-themed decoys to launch PowerShell scripts capable of retrieving and injecting the Remcos RAT into a legitimate Windows process. It's like a virus infiltrating a secret underground hideout.

GuLoader is no ordinary malware loader. It is highly evasive and cunning, favored by cybercriminals for delivering info-stealers and Remote Administration Tools (RATs). This malware excels at playing hide-and-seek, utilizing user-initiated scripts and shortcut files to execute numerous rounds of mind-bogglingly obfuscated commands and encrypted shellcode. Before you know it, a memory-resident malware payload silently operates within a seemingly legitimate Windows process.
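The chain described above (a user-launched script starting PowerShell) leaves a recognisable parent/child pair in process-creation telemetry. The following is an added example, not code from the original article or from any vendor it cites: it triages constructed events whose `ParentImage`, `Image` and `CommandLine` fields follow Sysmon process-creation naming, while the `Host` field and the command-line heuristics are assumptions for illustration, not GuLoader-specific indicators.

```python
import json
import re
from pathlib import PureWindowsPath

SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}  # Windows Script Host binaries
POWERSHELL = {"powershell.exe", "pwsh.exe"}
# Generic heuristics (assumptions): an encoded-command argument, a hidden window.
ENCODED = re.compile(r"(?i)(?:^|\s)[-/]e(?:c|n\w*)?\s+[A-Za-z0-9+/=]{20,}")
HIDDEN = re.compile(r"(?i)(?:^|\s)[-/]w(?:in\w*)?\s+hidden\b")

# Constructed sample events (JSON lines); the base64 value is a placeholder.
SAMPLE_LOG = r"""
{"Host":"ws01","ParentImage":"C:\\Windows\\System32\\wscript.exe","Image":"C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe","CommandLine":"powershell.exe -WindowStyle Hidden -enc QQBBAEEAQQBBAEEAQQBBAEEAQQA="}
{"Host":"ws02","ParentImage":"C:\\Windows\\System32\\cscript.exe","Image":"C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe","CommandLine":"powershell.exe -File C:\\Temp\\report.ps1"}
{"Host":"ws03","ParentImage":"C:\\Windows\\explorer.exe","Image":"C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe","CommandLine":"powershell.exe"}
{"Host":"ws04","ParentImage":"C:\\Windows\\System32\\wscript.exe","Image":"C:\\Windows\\System32\\notepad.exe","CommandLine":"notepad.exe"}
this line is not JSON and is skipped
"""

def exe_name(path):
    """Lower-cased file name of a Windows path ('' if the field is missing)."""
    return PureWindowsPath(path or "").name.lower()

def triage(event):
    """Return a finding if a script host spawned PowerShell, else None."""
    parent, child = exe_name(event.get("ParentImage")), exe_name(event.get("Image"))
    if parent not in SCRIPT_HOSTS or child not in POWERSHELL:
        return None
    cmd = event.get("CommandLine") or ""
    reasons = [f"{parent} spawned {child}"]
    if ENCODED.search(cmd):
        reasons.append("encoded command argument")
    if HIDDEN.search(cmd):
        reasons.append("hidden window requested")
    severity = "high" if len(reasons) > 1 else "medium"
    return {"host": event.get("Host"), "severity": severity, "reasons": reasons}

def scan(log_text):
    """Triage every well-formed JSON line; malformed lines are skipped."""
    findings = []
    for line in filter(None, map(str.strip, log_text.splitlines())):
        try:
            hit = triage(json.loads(line))
        except json.JSONDecodeError:
            continue
        if hit:
            findings.append(hit)
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A script host starting PowerShell can be legitimate in environments that still run VBScript logon or maintenance scripts, so the medium-severity result is a prompt to baseline, not a verdict.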

In this wild, wild world of cyberspace, dangers lurk in every corner. The threats are real, and it is crucial to remain vigilant. Take precautions to protect your digital fortress from these cunning adversaries. Connect with ANA Cyber Security to safeguard your online security, prioritize password hygiene, and employ robust authentication mechanisms. It is essential to collaborate with cybersecurity experts, share threat intelligence, and continuously update our defences to stay one step ahead of these persistent adversaries.


ANA Cyber Forensic Pvt Ltd is one of the leading Indian cyber security services companies that provide the best solutions to protect your business from security threats. For more information call us at +91 – 90110 41569
