- Nile unwraps NaaS security features for enterprise customers
- Even Nvidia's CEO is obsessed with Google's NotebookLM AI tool
- Get these premium Sony Bravia home theater speakers for $500 off during Black Friday
- The best Black Friday soundbar and speaker deals: Save on Bose, Sonos, Beats, and more
- One of the best pool-cleaning robots I've tested is $450 off for Prime Day
Hottest selling product on the darknet: Hacked GenAI accounts
The threat actor advertised GPT-4 or Claude API keys starting at only $15 each, while typical prices for various OpenAI models run between $5 and $30 per million tokens utilized, the researchers added.
LLM Paradise, however, couldn’t sustain itself for longer and, for unknown reasons, shut down its services recently. However, threat actors went around the snag and are still operating some ads for stolen GPT-4 API keys on TikTok, published since before the marketplace was shuttered.
Other than the GPT-4 and Claude APIs, other credentials put up for sale on LLM Paradise-like marketplaces include those for Quillbot, Notion, Huggingface, and Replit.
Credentials can be used for phishing, malware and breaches
eSentire researchers said the stolen credentials have greater value at the hands of cybercriminals for their multifold returns. “Threat actors are using popular AI platforms to create convincing phishing campaigns, develop sophisticated malware, and produce chatbots for their underground forums,” they said.
Additionally, they can be used to access an organization’s corporate GenAI accounts which further allows access to customers’ personal and financial information, proprietary intellectual property, and personally identifiable information.
The hacked credentials can also allow access to data restricted to corporate customers only, thereby affecting GenAI platform providers too. OpenAI was found to be the most affected with over 200 OpenAI credentials posted for sale per day.