View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
June 19, 2023updated 21 Aug 2023 3:53pm

BlackCat claims Reddit ransomware attack and calls for end to API pricing changes

The criminals are demanding $4.5m, and for Reddit to withdraw its controversial API policy.

By Claudia Glover

Ransomware gang BlackCat has claimed responsibility for an attack on Reddit earlier this year, and claims to have 80GB of data from the site. The group appears to be using the stolen information as a way to pressure Reddit into reversing controversial changes to the way it charges to use its APIs, a move which has led to widespread protests among users in recent weeks.

BlackCat behind Reddit hack. (Photo by C. Nass/Shutterstock)

BlackCat is also demanding a ransom of $4.5m, but says on its blog that “we expect to leak the data”, indicating it does not anticipate this ransom will be paid. Reddit has said it has no evidence that private data has been accessed.

Reddit cyberattack: BlackCat claims credit

Reddit announced on 9 February that it had been hacked through a “sophisticated” phishing scam that successfully targeted an employee. This led to unauthorised access to “internal documents, code, as well as some internal dashboards and business systems”.

Data exposed included contact information for hundreds of company contacts, and current and former employees, as well as what Reddit describes as “limited” advertiser data. The platform claims it has no evidence to suggest that any of your non-public data has been accessed.

But yesterday BlackCat, also known as ALPHV, wrote on its dark web victim blog, where the gang normally posts the name of its victims, that it was behind the breach. Dubbing the upcoming leak the “Reddit Files”, the cybercriminals say they tried to contact Reddit twice in April, demanding a ransom of $4.5m for the 80GB of data to be deleted. 

The blog post claims that the stolen data will be of interest to customers as it reveals how Reddit is treating its users: “The public will be able to read about all the statistics they track about their users and all the interesting confidential data we took,” reads the post. “Did you know they also silently censor users? Along with artefacts from their GitHub!”

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

BlackCat demands Reddit reverses pricing changes

The gang also made another demand alongside the ransom, which is for Reddit to withdraw its API pricing changes. 

Reddit said in April it was planning to up the price it charges for accessing its APIs, causing a backlash amongst customers and site-wide protest last Monday, which saw many of the busiest sub-Reddits go dark for 24 hours. The cost is going from a few dollars for 50 million API calls to $12,000.

Popular third-party Reddit app Apollo has announced that it is closing down as a result of the price hike, and thousands of subreddits last week went dark to protest the policy. R/music and r/videos have closed permanently.

As reported by Tech Monitor, the move mirrors one introduced by Elon Musk at Twitter earlier this year. Experts suspect that data scraping used to feed generative AI models was in part to blame for the shift in API pricing.

“We now demand that they also withdraw their API pricing challenges, along with our money, or we will leak [the data],” the BlackCat post reads.

Read more: BlackCat posts luxury watchmaker Seiko to its victim blog

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.