As if thousands of subreddits going dark or finding alternative means of protest were not enough, Reddit is now facing a new threat. Hackers from the BlackCat ransomware gang – also known as ALPHV – are threatening to release sensitive data they have stolen from the forum unless their demands are met.
In a post called “The Reddit Files,” the group claimed responsibility for a prior hack and announced that it would release 80GB of compressed data – which it had exfiltrated from Reddit during a breach in February – unless the company dished out $4.5 million from its pockets. As if this were not enough, it also demanded that Reddit roll back its planned API pricing changes, which have garnered immense backlash from communities, moderators, and subreddits.
BlackCat, in its post published on Saturday, announced that it had contacted Reddit twice but was yet to receive a response from them. “I told them in my first email that I would wait for their IPO to come along. But this seems like the perfect opportunity! We are very confident that Reddit will not pay any money for their data,” BlackCat wrote. “We expect to leak the data.”
The BlackCat ransomware gang’s announcement on their dark web leak site has sent shockwaves through the cybersecurity community. For those who need a reminder of the February breach, Reddit CTO Christopher Slowe, or KeyserSosa, announced on February 5 that the company “became aware of a sophisticated phishing campaign that targeted Reddit employees.” The attack enabled the threat actors to access employee data and even successfully obtain an employee’s credentials, allowing them to gain access to internal documents and source code, as well as some internal dashboards and business systems. Once Reddit became aware of the phishing attack, it immediately cut off the infiltrators’ access and began an internal investigation.
This incident highlights how vulnerable even major online platforms are to increasingly sophisticated cyber threats. If the hackers carry out their threat to release the stolen data, it could potentially expose sensitive information, including user accounts, private messages, and other confidential details. It also underscores the critical need for robust security measures and proactive strategies to prevent such breaches.
The incident involving Reddit is just one example of the growing threat of ransomware attacks targeting organizations worldwide. Cybercriminals are increasingly utilizing sophisticated techniques to breach systems, steal data, and extort ransom payments. The impact of such attacks goes beyond financial losses and can severely damage a company’s reputation and erode user trust.
And the less said about Reddit’s new API pricing policy, the better. The company’s API pricing changes have resulted in immense backlash from multiple quarters after Reddit announced that it would begin charging developers of third-party apps exorbitant fees, which could amount to millions of dollars annually. This, in turn, will force third-party apps like Apollo and Sync to shut down because of the high prices. Thousands of subreddits went dark in response, limiting new posts and closing public access, and later resorting to creative forms of protest.
The blackout even resulted in Reddit itself going down for a while due to “stability issues” after numerous subreddits participated in a coordinated blackout from June 12-14. Despite this, however, Reddit CEO Steve Huffman lashed out at the moderators and announced that the changes will not be pulled back, and that Reddit was “never designed” to support third-party apps.