What you need to know
- Threat actors have gained access to Reddit's systems and user data through a phishing attack in February of this year.
- The hackers have stolen internal documents, source code, employee data, and some information about Reddit's advertisers.
- A $4.5 million ransom has been demanded, or the attackers threaten to leak the stolen data.
A ransomware gang has threatened to leak Reddit's confidential data unless the company walks back on its recent API price hikes and pays $4.5 million.
Bleeping Computer reports that BlackCat has claimed responsibility for the Reddit attack on February 5, when an employee fell prey to a phishing campaign. As a result, around 80GB of data comprising internal documents, source code, employee contact details, and limited advertiser information have been compromised.
The hackers remained anonymous until recently, when BlackCat owned up to the attack and demanded a large sum of money for the stolen data. Threat actors also want Reddit to reverse its API changes, which could cost third-party app developers millions of dollars per year. The contentious decision also prompted recent site-wide protests in which many subreddits went dark, limiting the visibility of many Reddit posts.
At the time of the hack, Reddit said in a post that there were no signs of a breach of its primary production systems, where the majority of its data is stored. Additionally, there's "no evidence to suggest that any of your non-public data has been accessed, or that Reddit’s information has been published or distributed online."
However, with the recent threat to leak these pieces of data if Reddit does not comply with the attackers' demands, that could change anytime soon. The threat actors claimed in a post on the ransomware group's data leak site, spotted by security researcher Dominic Alvieri, that they tried to contact Reddit on April 13 and on June 16 to raise their demand, but no response was received.
BlackCat’s demand exacerbates Reddit's predicament following API pricing changes. With the increased API price set to take effect on July 1, Reddit has less than two weeks to sort things out or risk having their internal data exposed to the public.