Security researchers have flagged a concerning trend: threat actors are increasingly using zero-day exploits to make targeted attacks more effective. Group-IB’s Hi-Tech Crime Trends Report 2023/2024 records a 70% surge in public advertisements offering zero-day exploits between 2022 and 2023. These exploits, exemplified by vulnerabilities like CVE-2023-38831 in the ZIP file format, are increasingly marketed to clients through subscription models, with fees reaching as high as $1000 per month.
Of particular concern is the heightened interest in acquiring ChatGPT credentials within the cybercriminal underground. Public large language models (LLMs) often retain chat logs, which gives threat actors who take over an account an enticing way to harvest sensitive corporate data. Group-IB notes that users input various types of data into AI systems, including confidential and authentication information, yet these accounts frequently lack robust multi-factor authentication (MFA) safeguards, which increases the risk further.
The ramifications of compromised ChatGPT credentials are significant: they grant threat actors direct access to an extensive trove of sensitive information, including communication logs, internal infrastructure details, and authentication data. This access not only facilitates espionage but also lets threat actors use the acquired insights to conduct more damaging attacks. According to Group-IB’s report, over 225,000 infostealer logs containing compromised ChatGPT credentials were available on the dark web between January and October 2023.
The report also describes a corresponding surge in cyber threats targeting Apple devices and computers, reflecting the increasing adoption of these systems by corporate entities. Group-IB points out a five-fold increase in queries related to macOS stealers on popular underground forums between 2022 and 2023, indicating growing interest among threat actors in exploiting vulnerabilities within Apple’s ecosystem. These findings show how cyber threats continue to evolve and why robust cybersecurity measures are critical to safeguarding sensitive data and corporate assets.