Months after the Reddit cyber attack, the ALPHV/BlackCat ransomware group shared details about their failed negotiations with Reddit. The social news aggregation and discussion website became a target of a cyber attack earlier this year.
The alleged Reddit ransomware attack was launched on February 5, 2023, according to a tweet shared by Dominic Alvieri.
The Reddit cyber attack has led to the exfiltration of 80 GB of confidential data, the ransomware group claimed on its website.
Latest update about the Reddit cyber attack
According to the website post of BlackCat claiming the Reddit cyber attack, the hackers contacted the Reddit staff twice to negotiate the ransom payment.
The content rating website Reddit was contacted first by BlackCat on April 13 which means the hackers stayed on its server for over two months stealing all the data they could amounting to 80 GBs.
On June 16, Reddit was contacted for the second time regarding negotiations after the targeted cyber attack. Understandably, the company declined to engage in discussions concerning the ransom demands put forth by the group responsible.
“There was no attempt to find out what we took,” the BlackCat group said on its website post. The group further said, “This is again another instance of Steve Huffman undermining his own agenda.”
Details about the Reddit cyber attack
Early this February, Reddit suffered a security breach via a phishing email targeting the staff of the company. The phishing email had links to a duplicate website similar to Reddit’s internal network gateway.
The employee who noticed the cyber attack through their device promptly shared the news with the company who revoked the hacker’s access. Hackers were able to gain access to the the company’s internal systems in the Reddit security breach.
They stole login credentials and two-factor authentication tokens and then leveraged the credentials to further exfiltrate confidential documents, and source codes. They also accessed internal dashboards and business systems.
The company’s investigations into the Reddit cyber attack confirmed that the core systems were not breached however, contact information of company staff and advertisers were compromised.
Reddit cyber attack, protests, and failed negotiations
While the ransomware group is waiting to extract money from the Reddit cyber attack, Steve Huffman, the Co-Founder and CEO of Reddit has been in the news for protests from moderators.
The moderators are voicing their disagreements about the price hike in accessing data. Acknowledging the importance of protests but denying this one, Steve said, “Protest and dissent is important. The problem with this one is it’s not going to change anything because we made a business decision that we’re not negotiating on,” according to a Fortune report.
“He makes an effort to appear tough, but we are all aware of what happens to individuals like him when businesses go public such as Adam Neumann of WeWork,” the ALPHV further said in its post claiming the Reddit ransomware attack.
The Cyber Express reached out to Reddit for a statement to comment on the alleged cyber attack and the negotiations. We will update this report based on their response.
Second ransom negotiation email for the Reddit cyber attack
The first email by the hackers read that they will wait for comments from Reddit about ransom negotiations, the dark web post read. “We are very confident that Reddit will not pay any money for their data,” the Reddit cyber attack post further read.
The BlackCat hackers made sarcastic remarks after understanding that the target will not be making ransom payments. They said that they were very happy to know that people will read the statistics the company keeps track of.
READ MORE | Reddit Cyber Attack: How to Protect Your Account?
The stolen data from the Reddit cyber attack allegedly contains user statistics, users restricted from the platform, and artifacts from its GitHub. They have the data in ZIP format.
The second negotiation email from BlackCat about the Reddit ransomware attack made a ransom demand of $4.5 million for the deletion of the data and for BlackCat to not make a mention of the alleged exfiltration of data from Reddit.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
