Connect with us

Social & Entertainment

Reddit hackers ask for a huge $4.5 million as ransom and API pricing changes to withhold disclosure of 80GB of internal data




Hackers breached Reddit’s internal data in February through a phishing campaign, they are now demanding ransom and changes to the API pricing policy.

The cybercriminal group known as BlackCat has come forward, claiming responsibility for the security breach that occurred on Reddit’s systems earlier this year. This revelation follows the previous report by Bleeping Computer, shedding light on the details of the attack. BlackCat asserts that it successfully executed a phishing attack on Reddit in February, and as a result, obtained approximately 80GB of sensitive data. To add weight to their demands, BlackCat has issued an ultimatum, threatening to publicly release the pilfered information if their stipulations are not met.

Hackers threaten to release internal data

The primary demand put forth by the ransomware group is a substantial sum of $4.5 million, which they seek in exchange for the stolen data. However, BlackCat’s demands extend beyond mere monetary compensation. The group insists that Reddit must revert its recently announced API pricing modifications, which provoked extensive backlash from users and moderators alike. By demanding a reversal of these contentious policy changes, BlackCat seeks to exert influence over the platform’s decision-making processes.

Reddit had previously disclosed that the security breach was the result of an elaborate and meticulously targeted phishing attack. The hackers managed to exploit this approach to gain unauthorized access to internal documents and data, including sensitive contact information pertaining to employees and advertisers. However, Reddit maintained that the hackers had not breached any user data that had not already been made public.

BlackCat wants changes in Reddit API pricing

Reddit recently found itself at the center of attention once again due to a reported hack. While the company declined to comment on the incident, it has been suggested by Bleeping Computer that this recent attack, known as the BlackCat hack, may be linked to an incident that Reddit disclosed back in February.

The BlackCat hack has introduced a new set of demands, specifically revolving around API pricing changes. This development has further exacerbated the already strained relationship between Reddit’s leadership and its highly engaged user base. The company’s decision to implement charges for developers of third-party apps, potentially amounting to millions of dollars annually, sparked a backlash. In response, numerous influential subreddits opted to go dark, limiting new posts and restricting public access.

Reddit says changes won’t be rolled back

In an interview, Reddit’s CEO, Steve Huffman, defended the platform’s stance on third-party apps. He stated that Reddit was never initially designed to support such applications and emphasized that the proposed changes would not be rolled back.

This recent hack is not the first security breach that Reddit has faced. In 2018, the company fell victim to an attack where a hacker gained unauthorized access to user data, including email addresses, as well as old usernames and passwords.

While the company has yet to officially comment on the BlackCat hack, it is undoubtedly a matter of concern for both Reddit and its user community. The demand for API pricing changes, coupled with the company’s previous security breach, underscores the importance of robust cybersecurity measures and continuous vigilance to safeguard user information.


Copyright © 2023 Futurfeed