BlackCat Hackers Target Reddit: A Tale of Data, Ransom, and APIs

Estimated read time 2 min read

If you’re part of the vast world of cyber enthusiasts, then you must have come across the name Alphv. Also known as BlackCat, this hacking group is making headlines once again, claiming responsibility for the February attack on Reddit.

According to Alphv, they’ve successfully stolen a staggering 80GB of compressed data from Reddit. The price for not leaking this information to the public? A cool $4.5 million and a reversal of the planned API changes announced by Reddit.

BlackCat Hackers Target Reddit
BlackCat Hackers Target Reddit

It appears Alphv tried to reach out to Reddit twice – first on April 13, and then again on June 16. But it seems these calls fell on deaf ears. Initially, the group only demanded the ransom. Now, the reversal of the API changes has been added to their list of demands. The cybercriminals, however, aren’t optimistic about their demands being met. They’ve stated quite bluntly, “We expect to leak the data”.

In April, Reddit announced its decision to start charging for the use of its API. This has led to developers, like Apollo, having to potentially shell out millions of dollars for access. This planned change sparked widespread protests, with thousands of subreddits going dark in defiance. Yet, Reddit stands firm, refusing to amend its policy on paid APIs despite the backlash.

The breach itself came to light on February 5, 2023, when Reddit acknowledged falling victim to an ‘advanced phishing campaign’. This involved ‘credible prompts’ sent to staff members, leading them to a malicious environment that mirrored the behavior of their intranet gateway.

This allowed the attackers access to a host of information, including internal documents, codes, and business systems. In addition, they managed to get their hands on hundreds of business contacts, data from (former) employees, and limited advertiser information.

In this intricate dance of data, demands, and defiance, it remains to be seen how the Reddit saga will unfold.

Reza Rafati

Reza Rafati, based in the Netherlands, is the founder of An industry professional providing insightful commentary on infosec, cybercrime, cyberwar, and threat intelligence, Reza dedicates his work to bolster digital defenses and promote cyber awareness.

You May Also Like

More From Author