Chai Shai Chaishai with me

Hackers threaten to reveal stolen Reddit data unless firm pays $4.5 million and changes unpopular pricing policy.

The month could be getting worse for Reddit.

A post from the BlackCat ransomware gang on the dark web, which was reviewed and an independent cybersecurity expert, claims the group stole 80 GB of confidential data from Reddit in February and threatens to release it.

The hackers state in their blog post that they initially wanted a $4.5 million payoff “for the deletion of the data and our silence” back in April. After hearing nothing back, the organisation said it made a second demand on Friday: that Reddit abandon a contentious new price scheme that has angered some of the site’s most vocal users.

Reddit’s Chief Technology Officer, Chris Slowe, wrote in February about a security breach. Slowe said in the article that “some internal documents, code, and some internal business systems” had been accessed by hackers after the company’s “systems were compromised as a result of a sophisticated and highly-targeted phishing attack.” The post claims that only employee information was accessed.

On Monday, a representative for Reddit told that the incident in February was the inspiration for BlackCat’s article. The spokesman reaffirmed that no user information was accessed, but made no further remarks.

As part of a planned two-day protest against the company’s decision to start charging high fees for some third-party apps’ access to its platform, more than 6,000 Reddit communities went offline last Monday. Over 3,500 Reddit communities have been inaccessible for over a week.

Even while BlackCat’s ransom note seems to back the protesters’ cause, not everyone is convinced.

I don’t think ALPHV gives a hoot about the API prices. According to Brett Callow, a threat analyst at cybersecurity firm Emsisoft, who analysed the post on the dark web, the attackers just want potential victims to see how much continual misery they may do in order to raise the possibility that they will decide that payment is the least painful alternative.

When asked about its expectations, BlackCat indicated it does not think Reddit will comply.

The organisation stated in the statement on the dark web, “We are pretty convinced that Reddit will not pay for its data. We anticipate a leak of some sort.”

Show More

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button