Reddit Hackers Threaten to Leak 80GB of Data Stolen in Ransomware Attack Over API Changes: Report

The hackers want Reddit to pay a ransom of $4.5 million (roughly Rs. 37 crore) and reverse its controversial API policy changes aimed at third-party apps.

Written by David Delima, Edited by Siddharth Suvarna | Updated: 20 June 2023 11:18 IST

Reddit Hackers Threaten to Leak 80GB of Data Stolen in Ransomware Attack Over API Changes: Report

Photo Credit: Reuters

Reddit users will have to use the official apps for on iOS and Android smartphones from July

Highlights

Reddit was impacted by a data breach on February 9
Hackers reportedly plan to leak 80GB worth of stolen data online
Reddit recently announced new API pricing that will kill third party apps

Reddit hackers have reportedly threatened to leak 80GB of data stolen from the company in a data breach earlier this year. A ransomware attack targeted the company in February after an employee's credentials were phished, and the data that was exfiltrated could be leaked online if the hacker's demands are not met. Notably, aside from a ransom amount for the files stolen from the company, the ransomware group has also demanded that Reddit reverse controversial changes to its application programming interface (API) that will effectively kill third party Reddit apps by the end of June.

According to a BleepingComputer report citing cybersecurity researcher Dominic Alvieri, the ransomware group BlackCat has claimed responsibility for the cyberattack on Reddit that took place on February 5. The BlackCat group, also known as ALPHV, reportedly plans to release a compressed file with 80GB of data stolen from the platform, after attempts to contact Reddit on April 13 and June 16, demanding a ransom of $4.5 million (roughly Rs. 37 crore) to delete the data.

The Reddit Files.@Reddit https://t.co/cIUyCWwMlP pic.twitter.com/gyHA7lplvG
— Dominic Alvieri (@AlvieriD) June 17, 2023

"I told them in my first email that I would wait for their IPO to come along. But this seems like the perfect opportunity! We are very confident that Reddit will not pay any money for their data. But I am very happy to know that the public will be able to read about all the statistics they track about their users and all the interesting confidential data we took. Did you know they also silently censor users? Along with artifacts from their GitHub!" the BlackCat group posted on its website.

Back in February, Reddit disclosed that it was affected by a cyberattack after hackers phished an employee's credentials and stole source code, internal documents, and other information, according to the platform. The BlackCat group had not claimed responsibility for the breach at the time. The group's latest post states that it was waiting until the company's IPO to leak the stolen files, but will now release the leaked data if the ransom is not paid and if the company doesn't reverse its new API pricing that could kill third-party apps on the platform.

Thousands of Subreddits Are Going Dark: Here’s Why

Over the past week, thousands of popular subreddits — communities dedicated to specific interests or topics — went private and restricted access to users to protest the platform's new changes that are aimed at third-party apps and automated bots on the platform. Reddit will charge users $0.24 (roughly Rs. 20) for every 1,000 API calls, which means that the cost of operating the app would be $1 (roughly Rs. 80) per user, per month.

However, as Christian Selig, creator of the popular third-party iOS Reddit client Apollo points out, this would lead to a minimum of $20 million (roughly Rs. 160 crore) in annual costs to keep the third-party app alive. Several third-party app developers, along with Selig, plan to shut down their apps at the end of June, before the new API charges kick in next month.

Reddit's refusal to lower the cost of its API use has resulted in the moderators of several subreddits protesting the shuttering of third-party apps that offer vital tools to moderate their communities. However, less than a week after the protest began, the platform claimed that 80 percent of its top subreddits were open amid the ongoing protest.

Reddit Is Laying Off 5 Percent of Its Workforce: Details

Apple unveiled its first mixed reality headset, the Apple Vision Pro, at its annual developer conference, along with new Mac models and upcoming software updates. We discuss all the most important announcements made by the company at WWDC 2023 on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.

Affiliate links may be automatically generated - see our ethics statement for details.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Reddit, Ransomware, Cybersecurity, Cyberattack, Reddit Apps, Reddit API, BlackCat, Hackers, Hacking, API

David Delima

Email David Delima

As a writer on technology with Gadgets 360, David Delima is interested in open-source technology, cybersecurity, consumer privacy, and loves to read and write about how the Internet works. David can be contacted via email at DavidD@ndtv.com, on Twitter at @DxDavey, and Mastodon at mstdn.social/@delima. More