Did you know that the BlackCat (ALPHV) ransomware gang was responsible for a cyberattack on Reddit back in February? The attackers claimed to have stolen a whopping 80GB of data from the company.
On February 9th, Reddit announced that its systems were compromised on February 5th after an employee fell for a phishing attack.
This phishing attack allowed the culprits to gain access to Reddit’s systems and steal internal documents, source code, employee data, and limited information about the company’s advertisers.
Reddit CTO Christopher Slowe, aka KeyserSosa, explained that “after successfully obtaining a single employee’s credentials, the attacker gained access to some internal docs, code, as well as some internal dashboards and business systems.”
Thankfully, the company assured that its primary production systems were not breached, and no user passwords, accounts, or credit card information were impacted.
Interestingly, the phishing attack on Reddit was similar to a previous one on Riot Games, allowing hackers to access systems and steal source code for League of Legends (LoL), Teamfight Tactics (TFT), and the company’s Packman legacy anti-cheat platform.
During the Riot Games attack, the hackers demanded million to keep the stolen data under wraps. When the ransom wasn’t paid, they tried selling the data for $1 million on a hacking forum.
BlackCat behind Reddit Hack
As we discovered, the ALPHV ransomware operation, more commonly known as BlackCat, is now claiming responsibility for the February 5th cyberattack on Reddit.
In a “Reddit Files” post on the gang’s data leak site, the threat actors claim to have stolen 80 GB of compressed data from the company during the attack and now plan on leaking the data.
They say they attempted to contact Reddit twice, on April 13th and June 16th, demanding $4.5 million for the data to be deleted but received no response.
BlackCat then threatened, “I told them in my first email that I would wait for their IPO to come along. But this seems like the perfect opportunity! We are very confident that Reddit will not pay any money for their data.”
They added, “But I am very happy to know that the public will be able to read about all the statistics they track about their users and all the interesting confidential data we took. Did you know they also silently censor users? Along with artifacts from their GitHub!”
Now, the threat actors are threatening to leak Reddit’s data if the company doesn’t pay the ransom and backtrack on their plans on charging for API access.
While Reddit declined to comment about BlackCat’s post, we’ve been able to confirm that this is the same attack disclosed by Reddit in February.
It’s worth noting that while BlackCat is a ransomware gang, they didn’t encrypt devices in this attack.
This same hacking group is believed to be linked to a similar attack on Western Digital in March 2023, causing a massive outage to the company’s My Cloud cloud service.
While the threat actors behind the Western Digital attack initially claimed not to have a name, screenshots of the stolen data were leaked on the ALPHV data leak site, with the threat actors taunting the company about the attack.
Western Digital sent data breach notifications in May, warning online store customers that their data was stolen during the attack.
What does this mean for you, the business owner?
These high-profile attacks should serve as a wake-up call to U.S. business owners. Cybersecurity is not something you can afford to overlook in today’s digital landscape.
As a business owner, it’s crucial to invest in cybersecurity measures, train your employees to recognize phishing attacks, and regularly update your systems to protect your organization from data breaches and ransomware attacks.
How can ZZ Servers help you?
At ZZ Servers, we understand the importance of cybersecurity and are dedicated to helping you protect your business from cyber threats. Our team of experts offers comprehensive cybersecurity solutions tailored to your organization’s needs, ensuring your systems are secure and your data is protected.
Don’t wait until it’s too late. Contact us today to learn how ZZ Servers can assist you in safeguarding your business from cyberattacks and data breaches.
