"Cybercrooks Scrape OpenAI API Keys to Pirate GPT-4"

Recently, the moderators of the r/ChatGPT Discord channel banned a script kiddie who shared stolen OpenAI Application Programming Interface (API) keys with hundreds of other users. API keys enable developers to integrate OpenAI's technologies into their own applications, specifically its most recent Large Language Model (LLM), GPT-4. However, developers often forget their keys in their code, making account theft a simple matter of clicking. Since March, the script kiddie by the name "Discodtehe" has been scraping API keys from source code published on the software collaboration platform Replit. The individual provided free access to the keys on r/ChimeraGPT, where over 800 users began racking up usage charges on the compromised accounts. Discodtehe is no longer on Discord or Reddit, but experts emphasize that tens of thousands of exposed API keys are still in the open. This article continues to discuss the script kiddie who was freely sharing stolen OpenAI API keys with hundreds of other users and how developers can protect their API secrets. 

Dark Reading reports "Cybercrooks Scrape OpenAI API Keys to Pirate GPT-4"