Reddit Admits To Being A Victim Of Hacking BlackCat Ransomware Gang, Asks For A Ransom Of IDR 67.4 Billion

Reddit is aware of an advanced phishing campaign targeting its employees (photo: dock. Reddit)

JAKARTA - The ALPHV ransomware gang or better known as BlackCat was the actor behind the hack that Reddit experienced last February.

According to the company's official blog post, at the end of February 5, Reddit was aware of an advanced phishing campaign targeting its employees and admitted to taking 80 GB of bank data.

The striker, who is claimed to be BlackCat, directed employees to websites that clone the company's gateway intranet behavior, in an attempt to steal credentials and second-factor tokens.

After successfully obtaining the credentials of one employee, BlackCat gained access to several internal documents, codes, and several internal dashboards and business systems.

"We have shown no indication of a violation of our main production system (part of our pile running Reddit and storing most of our data)," said Reddit, quoted Monday, June 19.

Currently, BlackCat has managed to steal hundreds of limited contact information from companies and employees, as well as limited advertiser information.

"Based on an initial few days of investigation by security, engineering and data science (and friends!), we have no evidence to suggest that your non-public data has been accessed, or that Reddit's information has been published or distributed online," explained Reddit.

In addition, BlackCat also requested a ransom of USD 4.5 million (IDR 67.4 billion) in exchange for data deletion and their silence.

"In our last email to them, we stated that we want USD 4.5 million in exchange for our data deletion and silence," BlackCat said.

"As we also state, if we have to publish it, then we are now demanding that they also withdraw their API price change along with our money or we will leak it. We hope to leak the data," he added.

Soon after learning this information, the affected Reddit employee reported himself, and the security team removed the intruder's access and then started an internal investigation.

To protect user accounts, Reddit recommends using two-factor authentication (2FA) and updating passwords every few months, make sure strong and unique passwords for better protection. Users are also asked to use password managers.