Ransomware gang BlackCat has claimed responsibility for an attack on Reddit earlier this year, and claims to have 80GB of data from the site. The group appears to be using the stolen information as a way to pressure Reddit into reversing controversial changes to the way it charges to use its APIs, a move which has led to widespread protests among users in recent weeks.
BlackCat is also demanding a ransom of $4.5m, but says on its blog that “we expect to leak the data”, indicating it does not anticipate this ransom will be paid. Reddit has said it has no evidence that private data has been accessed.
Reddit cyberattack: BlackCat claims credit
Reddit announced on 9 February that it had been hacked through a “sophisticated” phishing scam that successfully targeted an employee. This led to unauthorised access to “internal documents, code, as well as some internal dashboards and business systems”.
Data exposed included contact information for hundreds of company contacts, and current and former employees, as well as what Reddit describes as “limited” advertiser data. The platform claims it has no evidence to suggest that any of your non-public data has been accessed.
But yesterday BlackCat, also known as ALPHV, wrote on its dark web victim blog, where the gang normally posts the name of its victims, that it was behind the breach. Dubbing the upcoming leak the “Reddit Files”, the cybercriminals say they tried to contact Reddit twice in April, demanding a ransom of $4.5m for the 80GB of data to be deleted.
So it seems… pic.twitter.com/XwSyuHvbmG
— Ely 🇺🇦 🌻 (@ely_sec) June 17, 2023
The blog post claims that the stolen data will be of interest to customers as it reveals how Reddit is treating its users: “The public will be able to read about all the statistics they track about their users and all the interesting confidential data we took,” reads the post. “Did you know they also silently censor users? Along with artefacts from their GitHub!”
Content from our partners
BlackCat demands Reddit reverses pricing changes
The gang also made another demand alongside the ransom, which is for Reddit to withdraw its API pricing changes.
Reddit said in April it was planning to up the price it charges for accessing its APIs, causing a backlash amongst customers and site-wide protest last Monday, which saw many of the busiest sub-Reddits go dark for 24 hours. The cost is going from a few dollars for 50 million API calls to $12,000.
Popular third-party Reddit app Apollo has announced that it is closing down as a result of the price hike, and thousands of subreddits last week went dark to protest the policy. R/music and r/videos have closed permanently.
As reported by Tech Monitor, the move mirrors one introduced by Elon Musk at Twitter earlier this year. Experts suspect that data scraping used to feed generative AI models was in part to blame for the shift in API pricing.
“We now demand that they also withdraw their API pricing challenges, along with our money, or we will leak [the data],” the BlackCat post reads.
