Reddit hacker’s demands include reversing API changes

Reddit not too long ago fell sufferer to a phishing assault and the group accountable has now publicised their ransom calls for.

The assault resulted within the publicity of inner paperwork, dashboards, code, and contracts.

Whereas the information has not been made public to this point, the scenario might change as ransomware gang BlackCat – often known as ALPHV – has claimed accountability for the hack and threatened to launch the information.

Unsurprisingly, BlackCat is demanding a ransom of $4.5 million. Nevertheless, the collective can be demanding that Reddit reverse its controversial API adjustments which have sparked widespread protests.

The phishing assault

BlackCat employed a complicated phishing assault, utilizing “plausible-sounding prompts” to trick Reddit staff into visiting a web site that carefully resembled the platform’s intranet gateway.

One worker unknowingly fell for the scheme, permitting the hackers to steal their login credentials and second-factor tokens. Nevertheless, Reddit assured its customers that their private data has not been compromised.

Reddit API value hikes and protests

Reddit is presently going through a significant protest from customers towards API value hikes which have prompted in style third-party apps corresponding to Narwhal and Apollo to announce their shutdowns.

Apollo’s developer, Christian Selig, calculated Reddit’s adjustments would value him over $20 million per yr.

Builders are involved that the lack of third-party apps will end in extra censorship and decreased alternatives for rising advert income.

The considerations led to a considerable revolt:

What’s taking place with Reddit proper now’s thoughts blowing!

I can’t consider every other platform the place the customers have a lot energy. pic.twitter.com/63hOQRoMU2

— Ariel from Appfigures (@arielmichaeli) June 11, 2023

Reddit’s response

In response to the protests, Reddit CEO Steve Hoffman defended the API value hikes, suggesting that some customers are upset as a result of they will now not entry sure providers totally free.

Hoffman additionally hinted at making it simpler to take away moderators who make choices that aren’t in style among the many person base.

Regardless of the continued blackouts and advertiser considerations, Reddit has not indicated any intention to reverse its choice relating to the API value will increase. Likewise, many subreddits have dedicated to persevering with their protests.

BlackCat, for its half, says it stays sceptical that Reddit can pay the ransom demand and expects the stolen information to be made public.

As Reddit grapples with the aftermath of a focused phishing assault and ongoing site-wide protests, the emergence of BlackCat’s ransom demand provides additional uncertainty to the scenario. The potential leak of delicate inner data might have critical penalties for the already troubled platform.

(Photograph by Akin Cakiner on Unsplash)

Need to study extra about cybersecurity and the cloud from business leaders? Try Cyber Safety & Cloud Expo going down in Amsterdam, California, and London. The occasion is co-located with Digital Transformation Week.

Discover different upcoming enterprise know-how occasions and webinars powered by TechForge right here.

Ryan is a senior editor at TechForge Media with over a decade of expertise masking the newest know-how and interviewing main business figures. He can usually be sighted at tech conferences with a powerful espresso in a single hand and a laptop computer within the different. If it is geeky, he’s in all probability into it. Discover him on Twitter (@Gadget_Ry) or Mastodon (@[email protected])

View all posts