Reddit faces ransom calls for: Hackers threaten to leak stolen information amidst API pricing controversy

As if hundreds of subreddits going darkish or discovering different technique of protests weren’t sufficient, Reddit is going through a brand new menace this time. Hackers from the BlackCat ransomware gang – often known as ALPHV – are threatening to launch delicate information they’ve stolen from the discussion board except their calls for are met.

In a publish referred to as “The Reddit Recordsdata,” hackers from the group claimed duty for a previous hack and introduced that it could launch 80GB of compressed information – which it had exfiltrated from Reddit throughout a breach in February – except the corporate dished out $4.5 million from its pockets. And if this isn’t sufficient, it demanded that Reddit roll again its deliberate API pricing adjustments, which have garnered immense backlash from communities, moderators, and subreddits.

BlackCat, in its publish revealed on Saturday, introduced that it had contacted Reddit twice however was but to obtain a response from them. “I instructed them in my first electronic mail that I might wait for his or her IPO to return alongside. However this looks as if the proper alternative! We’re very assured that Reddit won’t pay any cash for his or her information,” BlackCat wrote. “We count on to leak the information.”

The BlackCat ransomware gang’s announcement on their darkish net leak website has despatched shockwaves by the cybersecurity group. For individuals who want a reminder on the February breach, Reddit CTO Christopher Slowe, or KeyserSosa, had introduced on February 5 that it “grew to become conscious of a classy phishing marketing campaign that focused Reddit workers.” The assault enabled the menace actors to entry worker information and even efficiently get hold of an worker’s credentials, permitting them to realize entry to inner paperwork and supply code, in addition to some inner dashboards and enterprise programs. As soon as Reddit grew to become conscious of the phishing assault, it instantly lower off the infiltrators’ entry and commenced an inner investigation.

This incident highlights the vulnerabilities that even main on-line platforms face within the face of more and more refined cyber threats. If the hackers perform their menace to launch the stolen information, it may doubtlessly expose delicate info, together with consumer accounts, personal messages, and different confidential particulars. This highlights the vital want for sturdy safety measures and proactive methods to stop such breaches.

The incident involving Reddit is only one instance of the rising menace of ransomware assaults focusing on organizations worldwide. Cybercriminals are more and more using refined methods to breach programs, steal information, and extort ransom funds. The influence of such assaults goes past monetary losses and might severely injury an organization’s status and erode consumer belief.

And the much less spoken about Reddit’s new API pricing coverage, the higher. The corporate’ s API pricing adjustments have resulted in immense backlash from a number of quarters after Reddit introduced that it could start charging builders of third-party apps exorbitant charges — which may quantity to hundreds of thousands of {dollars} yearly. This, in flip, will power third-party apps like Apollo and Sync to close down due to the excessive costs. Hundreds of subreddits went darkish in response, limiting new posts and shutting public entry, and later resorting to inventive modes of protests.

The blackout on the platform even resulted in Reddit itself taking place for some time on account of experiencing “stability points” after quite a few subreddits participated in a coordinated blackout from June 12-14. Regardless of this, nevertheless, Reddit CEO Steve Huffman lashed out on the moderators and introduced that the adjustments won’t be pulled again, and that Reddit was “by no means designed” to help third-party apps.