Alphv claims to be behind Reddit hack, demands reversal of API changes

Alphv, also known as BlackCat, claims to be behind the February hack on Reddit. The hacker group is said to have 80GB of compromised data. Alphv is demanding $4.5 million and reversing the announced API changes so as not to make them public.

Source: by_dev_urandom / Hacker News

According to Alphv, the hacker group contacted Reddit twice: on April 13 and on June 16. There appears to have been no response to this. Initially, the ransomware gang only demanded the sum of $4.5 million for the deletion of the obtained data. Now reverting the API changes has been added to the requirement. Alphv expects that Reddit will not meet these demands: “We expect to leak the data.”

In April, Reddit announced that it would charge money for using its API. Developers such as Apollo sometimes have to pay millions of dollars to use the Reddit API. Previously, thousands of subreddits went black in protest against these proposed changes to the platform. Reddit stands firm and says it will not change its policy regarding paid APIs despite widespread protest.

On February 5, 2023, Reddit became aware that it had been hit by an “advanced phishing campaign.” This involved sending ‘credible prompts’ to employees, who were redirected to a rogue environment that ‘clone the behavior of the intranet gateway’. The attacker then allegedly gained access to, among other things, internal documents, code and business systems. Hundreds of company contacts, data of (former) employees and limited advertiser information were also allegedly stolen.