Friday, April 12, 2024
spot_img
spot_img

Kaspersky – more than 36 million AI & gaming credentials compromised by infostealers in 3 years

spot_img
spot_img
- Advertisement -

The sale of compromised login credentials occupies a significant part of the dark web market. Cybercriminals typically buy and sell accounts from various online platforms and services. These accounts are often initially stolen using data-stealing malware and then leaked on the dark web via infostealer log-files, where they can be further monetized as valuable assets within the realm of cybercriminal activity. Kaspersky has conducted research on the trends within this market and offers insights on how businesses and individuals can safeguard against the corresponding threats.

AI-services’ credential thefts are a steady trend

Credentials from various AI services – image editing, translation, text tuning, chatbots, to voice generators – are being compromised due to their growing popularity.  Over the past three years, for example, approximately 1,160,000 application users’ credentials (logins and passwords) from AI-powered online graphic design tool Canva were compromised with data stealing malware. Kaspersky Digital Footprint Intelligence data showed these credentials surfaced on the dark web forums and shadowy Telegram channels. Another popular AI writing assistant, Grammarly, had around 839,000 user credentials stolen between 2021 and 2023.

One of the most popular AI companies, OpenAI also witnessed users’ credentials being leaked as a result of infostealer activities – nearly 688,000 credentials for the company’s services, including ChatGPT, were compromised between 2021 and 2023 and found on shadowy channels. Notably, in the last year of widespread chatbot adoption, the number of logins and passwords leaked surged by nearly 33 times in 2023 compared to the previous year, reaching approximately 664,000.

The dynamics of credentials from OpenAI services’ accounts compromised in 2021-2023 and leaked on the dark web Source: Kaspersky Digital Footprint Intelligence
Ms. Yuliya Novikova, head of Kaspersky Digital Footprint Intelligence.
Ms. Yuliya Novikova, head of Kaspersky Digital Footprint Intelligence.

The credential compromises in question stem from infostealer activity, a specialized form of malware designed to steal user credentials for cyberattacks, dark web sales, or other malicious activities. Both personal and corporate devices can be infected by infostealers through phishing emails or websites, public-faced sites with malicious content, and various other means,” says Ms. Yuliya Novikova, head of Kaspersky Digital Footprint Intelligence.

Beyond the volumes of compromised accounts outlined above, the dark web market for credentials can be analyzed from the angle of demand for these accounts – specifically by examining the number of posts in which threat actors offer or attempt to buy infostealer log files containing these compromised credentials. The demand for ChatGPT accounts among cybercriminals spiked in March 2023 after the release of the fourth version of the popular chatbot. Since then, it has stabilized at the same level as other AI services. “This suggests that demand for ChatGPT accounts will remain steady. The importance of robust solutions to safeguard against infostealer attacks and other malware is growing for both individuals and companies. For instance, our solution monitors compromised accounts on the dark web and notifies companies in case users of their online resources were compromised,” explained expert Novikova.

The dynamics of dark web posts selling or buying accounts from three popular AI services, 2022-2023. Source: Kaspersky Digital Footprint Intelligence

Roblox sets records for compromised credentials, posing a threat to kids

Between 2021 and 2023, almost 34,000,000 credentials for Roblox were compromised and posted on the dark web, turning the game into a very fruitful target for cybercriminals using infostealing malware. Worryingly, the number of accounts compromised for this popular children’s game have been increasing gradually each year:  over the past three years, this figure rose by 231%, from roughly 4,700,000 in 2021 to 15,500,000 in 2023. In general, the average number of compromised accounts in a combination of 11 other random popular gaming platforms or games – Twitch, Electronic Arts, Sony PlayStation, and Steam amongst others – has increased by 112% since 2021.

Covered By: NCN MAGAZINE / Kaspersky

If you have an interesting Article / Report/case study to share, please get in touch with us at editors@roymediative.com  roy@roymediative.com9811346846/9625243429.

- Advertisement -
spot_img
spot_img
spot_img
spot_img