It’s no secret that Reddit has been in the news lately for all the wrong reasons. However, back in February, Reddit also fell victim to a sophisticated phishing hack, which resulted in the leak of confidential internal documents, codes, contracts, and some personal information belonging to advertisers. Now, in a recent development, the notorious ransomware group, BlackCat, has reportedly claimed responsibility for the attack.

The group is not only demanding a ransom of $4.5 million but also wants Reddit to revert its recently proposed API pricing changes, which had sparked protests from users and moderators.

How did the Reddit hack occur?

The attackers managed to breach Reddit’s security system by creating a deceptive website that closely resembled the company’s intranet gateway. Therefore, when unsuspecting employees unknowingly disclosed their login details and 2FA codes through carefully crafted prompts on this fake site, the hackers gained access to the system. However, Reddit has assured its users that the hackers did not gain access to any non-public user data.

Demands aligning with Reddit’s API issue

The timing of BlackCat’s revelation is particularly noteworthy, as it aligns with the public outrage caused by Reddit’s recent decision to charge companies for API access. This decision has already led to the shutdown of many popular apps, such as Narwhal and Apollo. And despite the criticism, Reddit CEO Steve Huffman has repeatedly defended the company’s proposed changes, stating that the platform was not originally designed to support third-party apps and that they would not reconsider their position.

“These people who are mad, they’re mad because they used to get something for free, and now it’s going to be not free,” said Reddit CEO Steve Huffman.

See also  Woody Allen Child Abuse Claims Probed In New Investigation

But this new demand adds further complexity to the already turbulent situation. This is because, in addition to seeking financial gain, the group is now attempting to influence policies and shape the actions of its target. However, the impact of this new development on API prices remains uncertain, as the company is yet to issue an official statement in response to the demands.

Source link