‘Pay $4.5 Million and Withdraw New Pricing Policy’: Hackers Threaten To Leak Stolen Reddit Data

In February, hackers claimed to have acquired 80 gigabytes of sensitive data during a breach.

PUBLISHED JUN 22, 2023

Cover Image Source: Facebook/Reddit | Pexels/Tima Miroshnichenko

Reddit, which is already facing protests by various communities on the popular online platform, is now being targeted by hackers. The BlackCat ransomware gang, also known as ALPHV, is once again demanding a $4.5 million payout for the "deletion of the stolen data and its silence".

In February, hackers had claimed to have acquired 80 gigabytes of sensitive data during a breach. According to CNN Business, in a post on the dark web, reviewed by CNN and an independent cybersecurity expert, the group threatened to leak the data if Reddit failed to comply with their demands.

$4.5 Million Payout and Their Silence

This demand was made back in April, but Reddit didn't respond. The lack of acknowledgment likely spurred the hackers to escalate their actions and put more pressure on the company.

The Follow-up Demand: Changing the Controversial Pricing Policy

To increase the pressure on Reddit, the hackers issued a second demand. They asked Reddit to retract its controversial new pricing policy that has generated significant backlash from influential users of the platform. The policy involves charging substantial fees for certain third-party apps seeking access to Reddit. By aligning their demands with the protestors' cause, the hackers aim to maximize the harm caused to Reddit's reputation and increase the likelihood of payment.

The February Breach: What Happened?

Reddit CTO Chris Slowe had disclosed details of a security incident in early February. The breach was a result of a sophisticated phishing attack that allowed hackers access to internal documents, code, and some internal business systems. The company had clarified that no user data was compromised during the breach, limiting the potential harm caused.

Reddit's Response and Confirmation

In response to the hackers' recent threats, a Reddit spokesperson confirmed that the post made by the BlackCat ransomware gang relates to the February breach. The spokesperson reiterated that no user data was compromised. However, the spokesperson refrained from providing further comment on the matter, leaving many questions unanswered.

The Reddit Protests: A Coincidence or Connected?

Reddit is facing massive protests from thousands of its forums. Over 6,000 forums went dark in a two-day protest against the platform's plan to charge exorbitant fees for certain third-party apps' access. A week later, over 3,500 forums remained offline. While the hackers' ransom note seemingly aligns with the protestors' cause, some experts express skepticism about the hackers' motives, suspecting their primary goal is financial gain rather than supporting the protestors' stance.

What Experts Believe

According to Brett Callow, a cybersecurity threat analyst at Emsisoft, it is possible that the hackers do not have a genuine concern for Reddit's pricing policy. Instead, their objective might be to demonstrate the potential harm they can inflict on future victims, thereby increasing the likelihood of payment. Callow's analysis sheds light on the possible ulterior motives behind the hackers' demands and highlights the importance of remaining cautious and skeptical in such situations.

In Case Of a Data Leak

The consequences of leaking the stolen data could be severe. The leaked information could harm Reddit's reputation, erode user trust, and potentially lead to legal consequences. The company will undoubtedly be evaluating its options and considering the potential impact on its user base, advertisers, and overall standing in the digital landscape.