Last weekend, unknowns hacked the Reddit moderators’ accounts – dozens of various subreddits of the social network were hacked and defaced.All attacked communities were used for spread campaigning in support of Donald Trump in the upcoming presidential elections: hackers completely changed the design of subreddits, as you can see in the screenshot below.
In total, defaulted subreddits are visited by tens of millions of people. Attack affected large communities, dedicated to the National Football League, Disneyland, many popular TV shows and films, and so on.
For example, the r/space and r/food communities alone have 17 and 19 million subscribers.
Reddit engineers reported that they are already investigating an incident and explained that the massive defacement of subreddits occurred due to the compromise of moderator’s accounts of popular communities.
“There is an ongoing incident with moderator accounts being compromised and used to vandalize subreddits. We’re working on locking down the bad actors and reverting the changes”, — write Reddit developers.
Currently, Reddit blocks hacked moderator accounts and returns control to their real owners. Most of the hacked communities have already returned to normal functioning or have been permanently banned.
It is not yet clear how exactly unknowns compromised such a number of moderators, but according to Reddit staff, none of the hacked accounts were protected by two-factor authentication.
On Twitter appeared and was banned an account, the authors of which claimed responsibility for hacks and defaces. However, no one has yet confirmed the reliability of these statements.
Interestingly, the massive deface of subreddits took place five weeks after the scandalous blocking of the r/The_Donald community of Donald Trump supporters.
Then the representatives of Reddit reported that the reason for the ban was multiple violations of the rules, as well as regular complaints from users about insults, bullying and threats of violence.
Let me remind you of another cyber scandal related to current US president. In May, operators of the REvil (Sodinokibi) ransomware announced that they had access to compromising evidence on Donald Trump and were ready to sell it, and then they announced that they had even made a deal. Whether it was a bluff to appear on the News or Trump’s representatives bought out incriminating information is a mystery.
Reddit has issued a recommendation in case you are concerned about the security of your account:
- Look for signs of a compromise:
- You received email notification that the password and/or email address on your account changed but you didn’t request changes.
- You notice authorized apps on your profile that you don’t recognize
- You notice unusual IP history on your account activity page
- You see votes, posts, comments, or moderation actions that you don’t remember making, or private messages that you don’t remember sending.
- For the love of Snoo, make sure you have two-factor authentication enabled. Encourage the rest of your mod team to do the same.
- Change your password.
User Review( votes)