Personal Account Access Token Leak Issue

Four days ago, I mistakenly entered my Chat GPT account details on a pirated phishing website. They obtained my access token through certain means and planted a Trojan program on my computer.

Now, I’ve thoroughly cleaned and reinstalled the system on my computer. Despite repeatedly changing my passwords for various important accounts, the impact of the access token leak still lingers. In simple terms, they are using Chat GPT through my account, and I’m unable to track the devices that have logged into my account or activate two-factor authentication.

I’m certain they are using my Chat GPT account, as evidenced by abnormal information limits with the GPT-4 model, the webpage defaulting from GPT-4 to 3.5 with each refresh, and the lack of webpage activity in the bottom left corner when I type text. These signs all indicate that they have stolen access tokens from users like me and are freely providing them to others.

I hope OpenAI can enhance the security of personal accounts by implementing two-factor authentication, device tracking and blacklisting, and setting device limits.

Has anyone else experienced something similar? Maybe you should check your account and computer.

By the way, this happened on a phishing site on GitHub named PandoraNext. I was lured there once, driven by curiosity about a technology mentioned by others. They stole other users’ access tokens to provide to others and the developers embedded viruses in the project. Four days ago, the developer absconded, shutting down all inquiries. Prior to this, someone had pointed out the existence of the virus, only to be ridiculed and mocked by a clueless crowd. This site was up to more than just stealing access tokens; what else they were doing, I have no idea.

I’ve passed this to Github for review.

To your question about security, your login token should get resent fairly quickly, so long as you have changed your password.

You can also report the incident to OpenAI support via the help bot in the bottom right corner of help.openai.com

Thank you so much for your kindness and assistance! I’m actually not very proficient in using Github. I have tried changing my password, and I have also written to OpenAI to report the issue. Hope everything will turn out fine.