Find out how many ChatGPT logins were stolen.

Jun 21 2023


Welcome to Gone Phishing, your daily cybersecurity newsletter that’s blowing up like the UK inflation rate.

Today’s hottest cyber security stories:

  • 100k ChatGPT logins stolen and sold on the dark web

  • Mystic Stealer attacks 40 browsers, 70 extensions. Call the mystic healer!

  • Reddit ransomware! 80GB of confidential data stolen. ‘Pay or we’ll leak it away’


ChatGPT makes the news again! Brace yourselves for a tale of mischief and cyber shenanigans.

Picture this: Over 101,100 OpenAI ChatGPT accounts lost themselves in the seedy depths of the dark web marketplaces, like a bunch of hapless tourists in a dodgy estate.

India took home the gold in this unexpected competition, snatching a whopping 12,632 stolen credentials! Talk about an impressive heist, Bollywood-style!

Our friendly neighbourhood cybercrime detectives at Group-IB stumbled upon these pilfered treasures while perusing their info stealer logs.

They discovered that May 2023 was like Christmas morning for these sneaky hackers, with a peak of 26,802 compromised ChatGPT accounts up for grabs.

It was like a virtual shopping spree for the mischievous minds out there. Like a good old fashioned BLM looting. But online.

Now, it's time for the grand unveiling of the countries with the highest number of compromised ChatGPT credentials. Drumroll, please!

Joining India on this not-so-prestigious list are the pranksters from Pakistan, followed by Brazil, Vietnam, the pharaohs of Egypt, the Yankees of America, the French frogs, the sultans of Morocco, the Indos from Indonesia, and last but not least, the Bangladeshis.

Now, let's dive into the world of cyber-critters, because not all thieves wear black capes and twirl their moustaches. Nope, these ones go by the names of Raccoon, Vidar, and RedLine. And what a trio they make!

Raccoon, the top dog (top raccoon?), managed to breach a staggering 78,348 ChatGPT accounts.

Vidar and RedLine, not to be outdone, played second fiddle with 12,984 and 6,773 compromised accounts, respectively.

So, there you have it, friends. A tale of cybercrime, stolen AI identities, and mischievous raccoons.

Stay safe out there, keep your passwords strong, and always be on the lookout because you never know what’s lurking in the shadows of the internet!

It’s the hack of all trades!

You’ll need a mystical healer after this… That’s right, hold on to your antivirus software, folks, because we've got a malware tale that's as mystifying as a magic trick gone wrong!

Enter Mystic Stealer, the newest mischievous malware to hit the cyber scene. This sneaky little rascal has a knack for stealing data from not just one, not two, but a whopping 40 different web browsers! Take a day off, will ya?

But wait, there's more! This malware isn't satisfied with just infiltrating browsers. Oh no, it's got its sights set on bigger treasures. It's like a tiny pirate sailing the digital seas, targeting cryptocurrency wallets, Steam accounts, and even Telegram.

It's like the Jack Sparrow of the malware world, always searching for hidden treasures and secret booty (giggity).

Now, let's talk about Mystic Stealer's impressive skills of evasion. This malware is no amateur; it's got an extensive bag of tricks to avoid getting caught.

Researchers from InQuest and Zscaler discovered that the code is so cleverly concealed that it could give Houdini a run for his money.

They mentioned technical terms like "polymorphic string obfuscation" and "hash-based import resolution."

You might be wondering what kind of software sorcery brings Mystic Stealer to life. Well, it's crafted with care using the C programming language.

And just to keep things interesting, the creators decided to develop the control panel using Python.

So, there you have it, ladies and gentlemen. Mystic Stealer, the malware magician, stealing data left and right from unsuspecting web browsers, cryptocurrency wallets, and digital hangouts.

Remember, the real magic happens when we outsmart these tricksters and keep our data safe. Abracadabra, no more malware drama!

Hackers: Reddit or not, here we come

Hold your upvotes, Redditors, because it seems like those mischievous hackers are up to their old tricks again, and this time they've got Reddit in their sights.

Brace yourselves for the tale of the BlackCat ransomware gang, also known as ALPHV, and their daring cyber-heist.

In a dark corner of the web, the BlackCat gang proudly boasts about their misdeeds, claiming to have swiped a whopping 80 gigabytes of compressed data from Reddit's treasure trove during a breach that took place back in February.

Who’s Keyser Söze?

It was Christopher Slowe, also known as the enigmatic KeyserSosa, Reddit's CTO, who revealed that those sneaky hackers had managed to wriggle their way in through a "highly-targeted" phishing attack. Crafty devils, aren't they?

But hold your horses! According to Slowe, Reddit has some good news amidst the chaos. They claim to have no evidence that any personal user data, like passwords and accounts, ended up in those villainous hackers' clutches. Phew!

So, will Reddit pay the ransom and reverse their controversial API price hikes? Only time will tell. Stay tuned, stay safe, and remember, upvote responsibly!

So long and thanks for reading all the phish!
