BlackCat Ransomware Gang Demands $4.5 Million and API Pricing Reversal
In a shocking turn of events, hackers have threatened to release confidential data stolen from Reddit unless the company pays a ransom demand and reverses its controversial API price hikes. The BlackCat ransomware gang, also known as ALPHV, claims to have stolen 80 gigabytes of compressed data from Reddit during a February breach of the company’s systems.
Background on the Breach
In February, Reddit confirmed that hackers had accessed employee information and internal documents during a highly-targeted phishing attack. At the time, Reddit CTO Christopher Slowe stated that the company had "no evidence" that personal user data, such as passwords and accounts, had been stolen.
BlackCat Takes Credit for the Breach
On Saturday, BlackCat posted on its dark web leak site, claiming responsibility for the February intrusion. The gang threatened to leak "confidential" data stolen during the breach unless Reddit pays a ransom of $4.5 million and reverses its API pricing changes.
API Pricing Controversy
Reddit’s new API pricing plans have been at the center of controversy in recent weeks. Popular third-party Reddit app Apollo announced that it would be shutting down due to the new pricing, while thousands of subreddits went dark in protest of the new API policy. Some subreddits, including r/music and r/videos, have indefinitely gone dark as a result.
BlackCat’s Demands
In its post, BlackCat wrote: "I told them in my first email that I would wait for their IPO to come along. But this seems like the perfect opportunity! We are very confident that Reddit will not pay any money for their data." The gang expects to leak the data unless Reddit meets their demands.
Reddit’s Response
When asked by TechCrunch, Reddit declined to say whether it plans to respond to BlackCat’s demands. A spokesperson for the company stated that they had "no comment" on the matter.
History of Data Breaches at Reddit
This is not the first data breach experienced by Reddit. In 2018, attackers accessed a complete copy of Reddit data from 2007, including usernames, hashed passwords, emails, public posts, and private messages.
The Rise of Ransomware Attacks
BlackCat’s ransom demand is just one example of the growing trend of ransomware attacks on companies. In March, the gang was linked to a breach at Western Digital that saw hackers steal 10 terabytes of data from the company, including customer information. BlackCat has also threatened to leak data allegedly stolen from Amazon-owned video surveillance company Ring.
The Impact of Ransomware Attacks
Ransomware attacks can have serious consequences for companies and individuals alike. Not only do they result in financial losses, but they can also compromise sensitive data and put users at risk of identity theft.
Conclusion
The threat by BlackCat to release confidential data stolen from Reddit unless the company pays a ransom demand and reverses its API pricing changes is a stark reminder of the growing threat of ransomware attacks. As companies continue to rely on digital infrastructure, they must prioritize cybersecurity measures to protect against these types of threats.
Recommendations for Companies
Companies should take the following steps to protect themselves from ransomware attacks:
- Implement robust cybersecurity measures, including firewalls, antivirus software, and intrusion detection systems.
- Regularly update software and plugins to prevent exploitation of vulnerabilities.
- Conduct regular security audits and risk assessments to identify potential weaknesses.
- Develop a response plan in the event of a breach, including procedures for data recovery and communication with stakeholders.
Stay Informed
To stay up-to-date on the latest news and developments in cybersecurity, follow TechCrunch’s coverage of the industry. Our team of experts provides in-depth analysis and insights into the world of cybersecurity.