Reddit Hack Ransom Demand Confidential Data BlackCat Ransomware Gang | #ransomware | #cybercrime

Social discussion forum Reddit is being threatened by hackers who have said they would release confidential data stolen from the platform, if the company does not pay a ransom demand, and reverses its controversial API price hikes, the media has reported. The hackers have posted on a dark web leak site — the BlackCat ransomware gang and have allegedly stolen 80 gigabytes of compressed data from Reddit in a data breach that happened in February. However, Reddit had claimed that its production systems were not compromised, and no user passwords, accounts, or credit card information were impacted.

The hackers say they are demanding $4.5 million in exchange for deleting the stolen data and for Reddit to withdraw its API pricing changes, sys a report by The Verge.

Meanwhile, the company is facing a huge protest by thousands of Reddit communities against its policy to implement API pricing changes or charge third-party apps for data access. More than 8,000 Reddit communities, which have millions of subscribers, started protesting against Reddit’s new API pricing changes that could kill off third-party apps.

To recall, Reddit in February confirmed it was hacked by threat actors that gained access to its internal documents and source code that was a result of a “highly-targeted” phishing attack. According to Reddit CTO Christopher Slowe’s post, the company became aware of the “sophisticated” attack targeting Reddit employees on February 5.

The company employees had been receiving “plausible-sounding prompts,” which lead to a website that mimic the looks and behaviour of its intranet gateway, designed as such to steal people’s logins and second-factor tokens, a report said. A Reddit staffer did fall for the scheme, but they had self-reported. 

“On late (PST) February 5, 2023, we became aware of a sophisticated phishing campaign that targeted Reddit employees. As in most phishing campaigns, the attacker sent out plausible-sounding prompts pointing employees to a website that cloned the behavior of our intranet gateway, in an attempt to steal credentials and second-factor tokens,” read a post by Christopher Slowe, CTO of Reddit.

Source link

National Cyber Security