Reddit was the victim of an intrusion last February. The group responsible for this attack is demanding the payment of a large ransom and the cancellation of the return to free access to the site’s API.
Reddit, the website that ranked in 10th most visited site in the world just a few weeks ago, is in turmoil. After announcing the killing of third-party applications allowing users to browse the platform without ads at the beginning of June, the platform claims to have been targeted by an attack last February. The hackers would have stolen no less than 80 GB of data and claim the payment of a large ransom against the promise to erase the information in their possession.
On the same subject — Cybersecurity: France is the 5th country most targeted by ransomware attacks
BlackCat, the group responsible for this intrusion, achieved its ends by using a employee phishing technique the company. According to Bleeping Computer, this allowed them to break into “Reddit’s systems and steal internal documents, source code, employee data, and limited advertiser data from the company.” That said, according to site officials, “ no user password, account or credit card information was not affected”.
Cybercriminals steal Reddit data and demand $4.5 million ransom
BlackCat is not at its first attempt. In 2022 alone, he is said to have carried out 215 such attacks. On his list, we can count the campaign against Elden Ring in March 2022 or against Bandai Namco a few months later. They also do not hesitate to attack health establishments, threatening to reveal the personal data of patients.
In addition to demanding a ransom of $4.5 million, they also demand that Reddit reverse the decision to charge for access to the site’s API. They suspect that the company will not comply with their demands and declare in a message to the press: “we are convinced that Reddit won’t pay for his data. We are preparing to release the data.”