Ransomware gang BlackCat, also known as ALPHV, has recently taken responsibility for the February hacking incident targeting Reddit. In a post titled “The Reddit Files,” BlackCat announced that it possesses approximately 80GB of compressed data obtained through a phishing scheme. The group has demanded a ransom of $4.5 million from Reddit, along with the reversal of API price increases, in exchange for deleting the information.
The initial breach occurred when Reddit employees fell victim to a targeted phishing scheme, receiving convincing prompts to visit a website that closely resembled Reddit’s intranet gateway. One individual unknowingly provided their login details and second-factor tokens, enabling the hackers to gain unauthorized access to internal documents, dashboards, code, contracts, and some advertisers’ and employees’ information. Although none of the compromised data has been made public so far, the situation may change if the ransom demands are not met.
BlackCat’s announcement comes amid widespread protests against API price hikes on the Reddit platform. The increased costs have compelled popular third-party apps, such as Narwhal and Apollo, to cease operations. Christian Selig, the creator of Apollo, stated that he would need to allocate $20 million annually to sustain his business. Developers are concerned that the absence of third-party apps could lead to increased censorship and hinder opportunities for growing ad revenue.
The protest resulted in approximately 8,000 subreddits temporarily going dark simultaneously. However, Reddit CEO Steve Huffman remains steadfast in the company’s plans, stating that the dissatisfaction stems from users who were accustomed to receiving services for free. Huffman also expressed intentions to facilitate the removal of moderators who do not make “popular” decisions. While Reddit appears resolute in its decision, ongoing blackouts have prompted some advertisers to pause their activities on the platform.
It remains uncertain how this recent development will impact API prices, as Reddit has not yet commented on whether it will comply with the ransom demands. BlackCat claims that Reddit ignored its previous attempts to contact the company in April and June and has little hope that a public ultimatum will yield different results. In its post, the ransomware gang declared, “We are very confident that Reddit will not pay any money for their data. We expect to leak the data.” The situation continues to unfold, and Reddit’s response will be closely watched by the online community.