by KMnO4 952 days ago
You’d be surprised… I ran a MITM proxy on my phone’s network and then downloaded ~30 of those scam apps which just wrap ChatGPT (you know, with names like “Best GPT AI chat 4”).

I found about a third were connecting to OpenAI directly, exposing their full API key in the headers of every request.

3 comments

Amazing! Steal their keys and stop their $29.99/mo subscription after one month. Profit!

Even if they don’t expose the key, it’s likely they are proxying the API with their own “security” which should not be too hard to steal the long-lasting token.

Wow - just tried this and struck gold on the very first amateurish-looking GPT-wrapper iOS app I tested.
LMAO. They kinda deserved you used those keys for your own interests.