Reddit’s month may be going from bad to worse.
Hackers from the BlackCat ransomware gang, also known as ALPHV, are threatening to leak 80 gigabytes of confidential data from Reddit that they claim to have stolen during a February breach, according to a post from the group on the dark web, which was reviewed by CNN and an independent cybersecurity expert.
In their post, the hackers claim they first demanded a US$4.5 million payout “for the deletion of the data and our silence” in April. After receiving no response, the group said it followed up on Friday with an additional request: Reddit should withdraw a controversial new pricing policy that has sparked a protest from some of the platform’s most influential users.
Reddit CTO Chris Slowe previously posted about a security incident that took place in early February. In the post, Slowe said the company’s “systems were hacked as a result of a sophisticated and highly-targeted phishing attack,” with hackers accessing “some internal documents, code, and some internal business systems.” Only employee data was accessed, according to the post.
A Reddit spokesperson confirmed to CNN on Monday that BlackCat’s post relates to the February incident. The spokesperson reiterated that no user data was accessed, but declined to comment beyond that.
More than 6,000 Reddit forums went dark last Monday in what was supposed to be a two-day protest over the company’s plan to begin charging steep fees for some third party apps to access its platform. A week later, more than 3,500 Reddit forums remain dark.
While the ransom note appears to support the protestors’ cause, some experts are skeptical of BlackCat’s actual motives.
“I suspect that ALPHV doesn’t actually care about the API pricing. They simply want future victims to see how much ongoing harm they can cause to increase the likelihood of them deciding that payment is the least painful option,” said Brett Callow, threat analyst at cybersecurity firm Emsisoft, who reviewed the post on the dark web.
BlackCat, for its part, said it doesn’t expect Reddit to meet its demands.
“We are very confident that Reddit will not pay for its data,” the group wrote in the post on the dark web. “We expect to leak the data.”