Skip to main content

Reddit hacker demands $4.5M and a change to new API rule

Ransomware group BlackCat has claimed responsibility for the cyberattack on Reddit in February and is now demanding a $4.5 million payment to prevent it from publishing 80GB of data that it claims to have stolen from the site.

But that’s not all, as the group, which is also known as ALPHV, is insisting that Reddit also reverse the API price changes that have caused so much controversy just recently.

In a message posted by the group this week, the perpetrator said: “We are very confident that Reddit will not pay any money for their data. But I am very happy to know that the public will be able to read about all the statistics they track about their users and all the interesting confidential data we took … In our last email to them, we stated that we wanted $4.5 million in exchange for the deletion of the data and our silence.”

Several days after it learned of the February incident — described by Reddit as a “sophisticated and highly targeted” phishing attack — a spokesperson for Reddit confirmed that hackers had accessed some of the site’s internal documents, dashboards, code, and business systems. Data linked to current and former employees, company contracts, and some advertisers were also accessed. Passwords and other data connected to user accounts were not thought to have been compromised, Reddit said at the time.

BlackCat also wants Reddit to abandon its move to start charging third-party apps for API access, which could potentially cost some developers millions of dollars annually and force a number of popular ones to shut down. Many subreddits have been protesting about the changes, but Reddit’s top team seems intent on sticking to its plan.

BlackCat emerged in November 2021 and by July 2022 had compromised more than 100 organizations, according to Security Week. The group appears to have been quite active recently, too, launching an attack on Western Digital in March that apparently saw 10 terabytes of data stolen, while it also recently threatened to release data allegedly stolen from Amazon-owned video doorbell company Ring.

Editors' Recommendations

Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
Hackers vandalize Reddit with pro-Trump banners and messages
A digital depiction of a laptop being hacked by a hacker.

A coordinated hacking attack has hit Reddit, vandalizing dozens of subreddits with material that supports the 2020 reelection campaign of President Donald Trump.

A moderator on r/SubredditDrama posted a list of affected subreddits, which includes r/NFL, r/BlackMirror, r/Food, r/Beer, r/Naruto, r/RupalsDragRace, r/DestinyTheGame, r/TheDailyZeitgeist, and many more.

Read more
Reddit shuts down The_Donald under new policies against hate speech
Trump stylized image

Reddit has shut down the subreddit called The_Donald after years of it violating content policies. Reddit cited new rules that aim to push hate speech out of the online community.

"All communities on Reddit must abide by our content policy in good faith. We banned r/The_Donald because it has not done so, despite every opportunity," said Reddit co-founder and CEO Steve Huffman in the announcement of the platform's updated content policy.

Read more
Reddit’s new feature is bringing back AOL-style chat rooms
reddit start chatting button launches

Reddit is launching a new throwback chat tool to connect complete strangers in small groups.

In a move that feels like a modern take on AOL chat rooms from the 1990s, Reddit launched the Start Chatting button Wednesday. The feature matches Redditors with other available, online users for small group chats.

Read more