Reddit in trouble: dangerous hacker gang threatens with massive data breach

Things are getting difficult for the operators of the social media platform Reddit: the ransomware gang ALPHV (“BlackCat”) threatens them with a huge data breach. The cyber criminals allegedly stole 80 gigabytes (GB) in a hack last February.

The blackmail happens at the worst possible time. Reddit, which plans to go public in 2023, is currently hit by massive user protests (more on that below).

Because those responsible did not want to negotiate with them, the extortionists are now announcing that the captured data will be published on the Darknet. A similar message is dated last Saturday (June 17).

The threat must be taken seriously: ALPHV is one of the most powerful gangs that exploit ransomware-as-a-service (RaaS). The unknown criminals are known to “exfiltrate” large amounts of data and put enormous pressure on victims who are unwilling to pay.

ALPHV was responsible, among other things, for hacker attacks against Swiss airport service provider Swissport and financial services provider Finaport. And the group paralyzed the Austrian state of Carinthia.

The gang has repeatedly been active on Russian-language hacker forums. Some members are said to have worked for the notorious Russian hacker and extortion gang REvil (later BlackMatter and DarkSide) in previous years.

$4.5 million ransom

On February 9, Reddit informed of a hacker attack detected on February 5. At the time, an employee would have fallen victim to a phishing attack.

The hacker or hackers allegedly gained access to the Reddit systems unnoticed and “internal documents, source code, employee data and limited data about the company’s advertisers” were stolen.

Reddit’s chief technology officer (CTO), Christopher Slowe, tried to put the attack into perspective in a post: The “primary production systems” were not affected.

The ALPHV extortionists claim they tried to contact Reddit twice, on April 13 and June 16, demanding $4.5 million for data deletion, but received no response.

The subreddit blackout

The alleged data theft and extortion come at a particularly opportune time for Reddit: the company is currently undergoing an unusual strike.

Since last Monday (June 12), some of the most well-known Reddit discussion forums (called subreddits) have shut down or massively scaled back their activities. More than 8,000 subreddits took part in the so-called “blackout”, including those with millions of users.

The protest is supported by thousands of volunteers who are active as (unpaid) content moderators on the platform. They are protesting a controversial plan by Reddit management.

From July 1 the Accessing the Reddit programming interfaces (APIs) is vastly more expensive become. Providers of popular Reddit apps like Apollo publicly warned that they couldn’t afford the extra charges.

Apollo developer Christian Selig estimated, according to a report by the AP news agency, that the additional costs would amount to about $20 million per year.

If third-party apps become unavailable, it would make the job of the so-called “mods” much more difficult. And thus complicate the fight against the spread of disinformation and hate on the platform.

But third-party Reddit apps are also important for their screen reader functionality. The official Reddit app is not accessible to people with visual impairments.

Reddit CEO Steve Huffman said over the weekend that the company is sticking to announced API price increases and will not respond to demands from subreddit moderators.

Founded in 2005, the social media platform is expected to go public in the second half of 2023.

Sources