The cyberattack on Reddit in February has been claimed by the ransomware group BlackCat, which is now demanding a payment of $4.5 million to prevent the publication of 80GB of stolen data from the site. In addition to the ransom, the group, also known as ALPHV, is insisting that Reddit reverse the recent controversial API price changes.
In a recent message, seen above, posted by the group, the perpetrator stated, “We are confident that Reddit will refuse to pay for their data. However, we are pleased to reveal the statistics they track about their users and the confidential data we have acquired. In our previous email, we demanded $4.5 million in exchange for deleting the data and maintaining our silence.”
After discovering the sophisticated phishing attack in February, Reddit confirmed that the hackers had gained access to internal documents, dashboards, code, and business systems. Data related to current and former employees, company contracts, and some advertisers was compromised. However, Reddit assured users that passwords and other data linked to user accounts were not believed to be compromised.
BlackCat’s demands extend beyond the ransom, as they also seek the reversal of Reddit’s decision to charge third-party apps for API access. This move could potentially impose significant financial burdens on developers and lead to the shutdown of popular apps. While numerous subreddits have voiced their opposition to these changes, Reddit’s leadership appears determined to proceed with the plan.
Security Week reported that BlackCat emerged in November 2021 and had already targeted over 100 organizations by July 2022. The group has remained active, launching an attack on Western Digital in March, resulting in the theft of 10 terabytes of data. They have also recently threatened to release data allegedly stolen from Ring, a video doorbell company owned by Amazon.