Cyber Security News

Reddit Hackers Threaten to Leak 80GB of Stolen Data

The February 5th intrusion on Reddit was allegedly carried out by the ALPHV ransomware operation, also known as BlackCat.

Threat actors gained Reddit’s systems through this phishing attempt to obtain internal documents, source code, employee data, and some information about the company’s advertisers.

Reddit revealed that its systems had been hacked on February 9. Threat actors specifically claim to have stolen 80GB of data from the company.

“After successfully obtaining a single employee’s credentials, the attacker gained access to some internal docs, code, as well as some internal dashboards and business systems,” Reddit CTO Christopher Slowe, formerly known as KeyserSosa, explained in a post.

“We show no indications of a breach of our primary production systems (the parts of our stack that run Reddit and store the majority of our data).”

Reddit said that no user passwords, accounts, or credit card details were compromised and that production systems were not compromised.

Threat Actors Demanded $10 Million During The Attack

Reddit said that no user passwords, accounts, or credit card details were compromised and that production systems were not compromised.

While the company did not provide much specifics about the phishing assault, they said it was comparable to a phishing attempt on Riot Games that allowed hackers to access networks and obtain the source code for the company’s Packman legacy anti-cheat platform, Teamfight Tactics (TFT), and League of Legends (LoL).

Threat actors requested $10 million during the attack on Riot in exchange for keeping the stolen data a secret.

However, the threat actors tried to sell the data for $1 million on a hacker site once the ransom was not paid.

Forum post selling Riot Games source code

The ALPHV Ransomware Operation (BlackCat)

Dominic Alvieri was the first to notice that the ALPHV ransomware operation, also known as BlackCat, was responsible for the assault on Reddit.

Threat actors claim to have taken 80 GB of compressed data from the firm during the assault, and they now intend to expose the contents in a “Reddit Files” post on the gang’s data leak website.

Threat actors claim they made two attempts to get in touch with Reddit on April 13 and June 16 and demanded $4.5 million for the content to be deleted, but they got no answer.

“The Reddit Files” post on the BlackCat data leak site

“I told them in my first email that I would wait for their IPO to come along. But this seems like the perfect opportunity! We are very confident that Reddit will not pay any money for their data,” threatened the ransomware operation.

“But I am very happy to know that the public will be able to read about all the statistics they track about their users and all the interesting confidential data we took.

Did you know they also silently censor users? Along with artifacts from their GitHub!”

The Cyber Security News has been able to affirm that this is the same assault that Reddit announced in February, although Reddit has failed to comment on BlackCat’s statement.

Although BlackCat is a ransomware group, they did not encrypt any devices during this attack; it should be emphasized.

Looking For an All-in-One Multi-OS Patch Management Platform – Try Patch Manager Plus


Gurubaran is a Security Consultant, Security Editor & Co-Founder of Cyber Security News & GBHackers On Security.

Recent Posts

SSNDOB Marketplace Admin Jailed for Selling millions of Americans Data

In a resounding triumph for justice, U.S. District Judge Kathryn Kimball Mizelle has sentenced Vitalii…

11 hours ago

Is Your Online Store Hacked in a Carding Attack? Here’s an Action Plan to Protect

Hackers are plotting to benefit from the generosity of Halloween, Thanksgiving, and Christmas shoppers using…

15 hours ago

Google Researchers Find Out How ChatGPT Queries Can Collect Personal Data

The LLMs (Large Language Models) are evolving rapidly with continuous advancements in their research and…

15 hours ago

New Android Malware Employs Various Tactics to Deceive Malware Analyst

In the dynamic realm of mobile application security, cybercriminals employ ever more sophisticated forms of…

17 hours ago

DJvu Ransomware Mimic as Cracked Software to Compromise Computers

A recent campaign has been observed to be delivering DJvu ransomware through a loader that…

18 hours ago

Okta Hack: Threat Actors Downloaded all Customer Support System Users’ Data

In a pivotal update to the Okta security incident divulged in October 2023, Okta Security…

19 hours ago