Hackers threaten to leak stolen data if Reddit doesn’t reverse API changes

/in


The situation surrounding Reddit’s changes to its API continues to get even weirder. Earlier this year, a ransomware group used a sophisticated phishing attack to steal 80GB of data from Reddit. Now, ransomware group BlackCat is claiming responsibility for that hack and threatening to release that information if Reddit doesn’t reverse its API changes and pay a $4.5 million ransom…

As spotted by Bleeping Computer, researcher Dominic Alvieri spotted BlackCat’s announcement today in which it threatens to release the data publicly if Reddit doesn’t meet its demands.

BlackCat is demanding that Reddit not only pay that $4.5 million ransom but also reverse its controversial API changes that will kill many third-party apps. BlackCat was previously waiting for Reddit’s long-awaited IPO to claim responsibility for this breach but has instead opted to seize on the ongoing controversy surrounding those API changes.

I told them in my first email that I would wait for their IPO to come along. But this seems like the perfect opportunity! We are very confident that Reddit will not pay any money for their data. But I am very happy to know that the public will be able to read about all the statistics they track about their users and all the interesting confidential data we took.

In our last email to them, we stated that we wanted $4.5 million in exchange for the deletion of the data and our silence. As we also stated, if we had to make this public, then we now demand that they also withdraw their API pricing changes along with our money or we will leak it.

Reddit publicly acknowledged the security incident back in February, saying that it was a “sophisticated and highly-targeted phishing attack.” The attackers sent “plausible-sounding prompts” redirecting employees to a website that cloned the behavior of the company’s intranet. As a result, the attackers were able to steal credentials and two-factor tokens.

Based on our investigation so far, Reddit user passwords and accounts are safe, but on Sunday night (pacific time), Reddit systems were hacked as a result of a sophisticated and highly-targeted phishing attack. They gained access to…

Source…