BlackCat ransomware gang demands $4.5M, API changes for 80GB leaked Reddit data | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

Hackers from the BlackCat, aka AlphaV, ransomware gang have contacted Reddit Inc. claiming to be behind a hack that affected the social media forum platform in February that took over 800 gigabytes of internal documents, code, contracts and employee information. The hacker group also demanded $4.5 million to not release the stolen data.

Reddit revealed that the original breach occurred on Feb. 5 in a post by Reddit Cheif Technology Officer Christopher Slowe, aka KeyserSosa, saying that the company “became aware of a sophisticated phishing campaign that targeted Reddit employees” and that one employee fell victim to the attack and although attackers got access to internal systems that the compromise did not affect primary production systems.

At the time, Reddit commented that there was no evidence that the attack affected any user information.

The group has resurfaced months later now that Reddit is in the midst of protests over unpopular changes regarding pricing and access to its application programming interfaces. Specifically, how much the company will now charge apps that use the company’s API, this has caused many of its subreddits, or forums, on the site to make themselves private – with some, such as r/music and r/videos closing down indefinitely.

BlackCat has revealed in a post entitled “The Reddit Files” that it attempted to contact Reddit originally on April 13, after the original hack, and more recently on June 13, on its website. The ransomware group stated that now the group is demanding $4.5 million in exchange for the deletion of the data and that Reddit walk back its new stance on the API pricing changes or the group will leak the data.

“I told them in the first email that I would wait for their IPO to come along. But this seems like the perfect opportunity!” the hackers wrote in the post. “We are very confident that Reddit will not pay any money for their data.”

The same hacker group is believed to be the hacking group behind the attack on computer storage device maker Western Digital Corp. earlier this year, which ended in the theft of 10 terabytes of data from the company’s network. The same attack caused a massive service outage for customers of Western Digital’s consumer cloud services.

This isn’t the only hack that Reddit has suffered, in 2018 the website suffered a breach where a hacker gained access to backend systems by intercepting SMS text messages. The hacker stole a very early historical trove of backup data from Reddit’s launch in 2005 through 2007 including usernames, email addresses, posts, private messages and salted passwords.

Image: Pixabay

Your vote of support is important to us and it helps us keep the content FREE.

One-click below supports our mission to provide free, deep and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy



Click Here For The Original Source.

National Cyber Security