Reddit hackers demand $4.5 million ransom and API pricing modifications

A ransomware group is claiming accountability for a hack on Reddit’s programs earlier this yr — and demanding not simply cash however coverage modifications.

BlackCat, a ransomware group, says it was behind the February phishing assault on Reddit, as beforehand reported by Bleeping Pc. In a put up shared by researcher Dominic Alvieri, BlackCat claims to have stolen 80GB of knowledge from Reddit and threatens to launch it publicly if calls for aren’t met. The group needs a $4.5 million payout in trade for the information and likewise calls for Reddit roll again its deliberate API pricing modifications that spurred consumer and moderator protests final week.

On the time of the hack, Reddit stated hackers had used a “refined and highly-targeted” phishing assault to get entry to inside paperwork and information, together with contact data for workers and advertisers. The corporate maintained that the hackers hadn’t accessed consumer information that wasn’t public.

Reddit declined to touch upon the document in regards to the hack. Bleeping Pc studies that the BlackCat hack and the incident disclosed by Reddit in February are the identical.

BlackCat’s new calls for round API pricing modifications observe a contentious back-and-forth between Reddit management and a few of its most engaged customers. After Reddit introduced it might start charging builders of third-party apps — doubtlessly to the tune of tens of millions of {dollars} a yr — many high subreddits went darkish in response, limiting new posts and shutting public entry. In an interview with The Verge, Reddit CEO Steve Huffman stated the platform was “by no means designed” to help third-party apps and that the corporate wouldn’t pull again from its proposed modifications.