Reddit hackers warn of February breach data leak

Reddit attackers claim to have stolen 80 GB of Reddit data. They want $4.5 million in ransom and are demanding that Reddit ditch its API pricing changes.

The Russia-linked ALPHV/BlackCat ransomware gang posted Reddit on its dark web blog, which is used to showcase its latest victims. The cybercriminals claim to have stolen 80 GB of data during a breach earlier this year.

In early February, the company said that its systems “were hacked as a result of a sophisticated and highly-targeted phishing attack,” with attackers taking some internal documents, code, and some internal business systems.

ALPHV/BlackCat claims its operators broke into Reddit’s systems on February 5th and informed the company about the stolen data on two occasions. However, according to the gang, Reddit did not try to find out what type of data was taken.

Message on ALPHV/BlackCat's blog. Image by Cybernews.

Interestingly, ALPHV seems to be trying to ride the wave of furor against Reddit after the company announced new pricing for Application Programming Interface (API) access, which could take third-party Reddit apps like Apollo out of business.

Reddit’s users went on a digital strike to combat the proposed pricing plan, closing down thousands of subreddits and Reddit-based forums dedicated to specific topics.

“In our last email to them, we stated that we wanted $4.5 million in exchange for the deletion of the data and our silence. As we also stated, if we had to make this public, then we now demand that they also withdraw their API pricing changes along with our money, or we will leak it,” ALPHV/BlackCat said in a blog post.

We've reached out to Reddit for comment but did not receive a reply before publishing this article.

What is ALPHV/BlackCat ransomware?

ALPHV/BlackCat ransomware was first observed in 2021. Like many others in the criminal underworld, the group operates a ransomware-as-a-service (RaaS) business, selling malware subscriptions to criminals. The gang is noted for its use of the Rust programming language.

According to an analysis by Microsoft, threat actors that began to deploy the malware are known to work with other prominent ransomware families such as Conti, LockBit, and REvil.

The FBI believes that money launderers for the ALPHV/BlackCat cartel are linked to Darkside and Blackmatter ransomware cartels, indicating that the group has a well-established network of operatives in the RaaS business.

Lately, ALPHV/BlackCat has been among the most active ransomware gangs. According to cybersecurity analyst ANOZR WAY, the group was responsible for approximately 12% of all attacks in 2022.

The gang seems to be focused on professional service providers recently. In mid-May, the gang said it had breached Mazars Group, an international audit, accounting, and consulting firm.

Earlier this month, the crooks attacked Casepoint, a legal technology platform used by the United States Courts, the US Securities and Exchange Commission (SEC), and the Department of Defense (DoD).
