The menace actor marketed GPT-4 or Claude API keys beginning at solely $15 every, whereas typical costs for numerous OpenAI fashions run between $5 and $30 per million tokens utilized, the researchers added.
LLM Paradise, nevertheless, couldn’t maintain itself for longer and, for unknown causes, shut down its providers just lately. Nonetheless, menace actors went across the snag and are nonetheless working some adverts for stolen GPT-4 API keys on TikTok, revealed since earlier than {the marketplace} was shuttered.
Aside from the GPT-4 and Claude APIs, different credentials put up on the market on LLM Paradise-like marketplaces embody these for Quillbot, Notion, Huggingface, and Replit.
Credentials can be utilized for phishing, malware and breaches
eSentire researchers mentioned the stolen credentials have larger worth by the hands of cybercriminals for his or her multifold returns. “Risk actors are utilizing in style AI platforms to create convincing phishing campaigns, develop refined malware, and produce chatbots for his or her underground boards,” they mentioned.
Moreover, they can be utilized to entry a corporation’s company GenAI accounts which additional permits entry to prospects’ private and monetary data, proprietary mental property, and personally identifiable data.
The hacked credentials may permit entry to knowledge restricted to company prospects solely, thereby affecting GenAI platform suppliers too. OpenAI was discovered to be essentially the most affected with over 200 OpenAI credentials posted on the market per day.
