The cyberattack on Reddit in February has taken a new turn as the ransomware group behind it, known as BlackCat or ALPHV, has claimed responsibility for the breach and is now demanding a hefty sum of $4.5 million from the social media platform. In addition to the ransom demand, the group is also insisting that Reddit reverse the API price changes that have caused widespread controversy.
According to a message posted by the group, they believe that Reddit will not pay the ransom but are willing to release information about the data they claim to have stolen, including statistics and confidential information. The group claims to have accessed 80GB of data from Reddit, including internal documents, dashboards, code, and business systems. The stolen data is said to include information linked to current and former employees, company contracts, and some advertisers.
Reddit had initially reported that the attack was a “sophisticated and highly targeted” phishing attack, and that some of the accessed data may have been used to gain access to internal systems. However, the company assured users that passwords and other data linked to user accounts were not compromised.
BlackCat’s demands go beyond the ransom payment, however. The group is also protesting Reddit’s decision to start charging third-party apps for API access, a move that could potentially cost some developers millions of dollars annually and force some popular apps to shut down. Many subreddits have been protesting the changes, but Reddit’s top team appears to be intent on sticking to its plan.
BlackCat has been active in recent months, launching attacks on several high-profile targets, including Western Digital and Amazon-owned video doorbell company Ring. The group emerged in November 2021 and by July 2022 had compromised over 100 organizations, according to Security Week.
Reddit’s response to the attack has been to tighten security measures and notify affected users. However, with BlackCat’s demands now public, it remains to be seen whether the social media platform will comply with the group’s demands. The situation highlights the growing threat posed by ransomware groups and the importance of robust cybersecurity measures to prevent such attacks.
As the standoff between Reddit and BlackCat continues, it remains to be seen what will happen next. Will Reddit pay the ransom to prevent the publication of stolen data? Will the group follow through on its threat to release the stolen information? Only time will tell. What is clear, however, is that the battle against ransomware groups like BlackCat is far from over, and social media platforms like Reddit must remain vigilant to prevent such attacks.