Posted on June 20, 2023 at 8:42 AM
Reddit Hackers Demand A $4.5M Ransom And Changes To Controversial API Updates
The BlackCat ransomware group has claimed responsibility for the breach that happened on Reddit’s systems earlier this year. The hacker group is not only demanding money as ransom for the breach but also policy changes.
Reddit hackers demand a $4.5M ransom
The BlackCat ransomware group has said that it was behind the phishing attack on Reddit that happened in February this year. According to cybersecurity researchers, the ransomware group managed to steal 80GB worth of data from Reddit, and it has also threatened to release this data to the public if its demands are not met.
The ransomware group wants a ransom payment of $4.5 million in exchange for this data. It has also demanded that Reddit suspends the planned changes to its API pricing policy that attracted much protest from users and moderators last week.
At the time that this hack happened, Reddit had said that hackers had deployed a sophisticated and highly-targeted phishing campaign. During this campaign, the attackers managed to access data and internal documents from the platform. The stolen data includes the contact details of employees and advertisers on the platform.
Reddit has earlier said that the hackers did not obtain access to user data that was private and that the accessed data was already public. Moreover, Reddit has failed to share additional details about this breach. Reports have said that the hacking incident that the BlackCat ransomware group is addressing is the same as the February hack on Reddit.
Hackers call for API policy changes
The other demand that is being made by the BlackCat ransomware group revolves around API pricing changes. The proposed changes come amid a contentious back-and-forth between the top leadership at Reddit and some of the users who boast of having a high level of engagement.
Reddit had announced that it would start charging the developers of third-party apps, with the charges amounting to millions of dollars annually. The announcement triggered concerns from the majority of top subreddits who limited new posts, and even closed public access to their platforms.
The CEO of Reddit, Steve Huffman, addressed these changes saying that the platform had not been designed to support third-party apps. Huffman also said that the company would not go back on these proposed changes.
Huffman also held an AMA where he appeared to be dismissing the likelihood of making any changes to the apps that are shutting down their operations. Huffman said that some apps like Apollo, Reddit is Fun, and Sync had decided that the proposed pricing did not work for their businesses. As such, they would shut down operations before the pricing changes came into effect.
He noted that the platform would continue engaging with other apps. He has also acknowledged that the timeline that the company had provided to implement these changes was tight, adding that it would hold talks with those that wanted to work with the company.
Hacking attack on Reddit
The hacking attack on Reddit was first reported by Dominic Alvieri. The hack, which is now being attributed to BlackCat, happened on February 5, where data belonging to the company was exfiltrated by the hackers.
According to a “Reddit Files” post on the data leak site of the gang, the hackers have claimed that they stole 80GB of compressed data from the company during the hack. The attackers are also planning to leak the data in question.
The hackers have also said that they had tried to contact Reddit twice on April 13 and June 16 to demand the ransom. However, according to the hackers, Reddit failed to issue any response on the same.
The ransomware group said they sent an email to Reddit saying that they would wait for the company’s IPO. However, they noted that now was a perfect opportunity, adding that they were confident that the platform would not pay money to recover the stolen data.
However, if the company failed to pay, the hackers noted that the public would access the statistics on how the company tracked its users alongside the other confidential details. They also said that Reddit censored its users.
The company has failed to elicit a response from Reddit, and the threat actors have now threatened to not only leak the stolen data but have also demanded that Reddit backtracks its plans on charging for API access.
It is also not the first time that Reddit is falling victim to a hacking attack. In 2018, a hacker obtained access to user data that included email addresses, old passwords, and user names.
