After Hacking Reddit, Hackers Threaten to Leak Stolen Data

During the February hack of Reddit, hackers managed to compromise one of the employees and gain access to internal business systems, steal internal documents and a source code.

Let me remind you that we also wrote that Reddit launches a public bug bounty program, and it is also interesting to recall that Unknowns hacked accounts of Reddit moderators for campaigning for Trump.

Let me remind you that the Reddit hack occurred in early February 2023. At the time, Reddit representatives reported that the attackers used a phishing bait and attacked employees, trying to lure them to a landing page that mimicked one of the company’s intranet sites. This site was used to steal credentials and two-factor authentication tokens. Unfortunately, one of the employees fell for the hackers.

As shown by the investigation, hackers gained access to some internal documents, code, as well as a number of internal dashboards and business systems. In addition, the stolen data included information about the company’s contacts and the contact details of some current and former employees, and the stolen files also contained some information about advertisers (but bank card information, passwords and advertising performance indicators were not disclosed).

Although in February, Reddit representatives did not provide almost any details of the incident, the company referred to a similar incident, which Riot Games suffered at the beginning of the year. In January, hackers also compromised one of the employees, penetrated the company’s systems and stole the source code of the League of Legends (LoL) and Teamfight Tactics (TFT) games, as well as an outdated anti-cheat platform.

BlackCat ransomware group (ALPHV) has now claimed responsibility for the attack, according to Bleeping Computer. The message on the group’s website claims that during the attack, hackers stole 80 GB of data from the company and now plan to publish it in the public domain.

Let me remind you that recently BlackCat Group Leaks Western Digital Data to the Network.

Attackers say that twice, on April 13 and June 16 of this year, they tried to contact Reddit, demanding a ransom of $ 4.5 million for data removal, but never received a response.