In a bid to leverage an ongoing internal dispute and exploit the vulnerability of nonpaying victims, the BlackCat ransomware group has targeted popular social news aggregation site Reddit. The group claims to have stolen 80 gigabytes of data from the company and is demanding a ransom of $4.5 million for its deletion and their silence.
The disagreement at the heart of the controversy revolves around Reddit CEO Steve Huffman’s decision to charge certain third parties for access to the company’s API as part of its quest for profitability and preparation for an initial public offering. This move has sparked a fierce standoff with the site’s moderators and developers who volunteer their time to maintain the platform and enhance its code.
Ransomware experts have consistently advised against paying ransoms, particularly for intangible promises like data deletion, citing the lack of proof that criminals follow through on such pledges. In Reddit’s case, the company appears resolute in refusing to pay the ransom. BlackCat acknowledged this, expressing confidence that Reddit would not comply. However, the group threatened to expose the stolen data, including revealing user statistics and alleged covert user censorship.
Reddit had previously disclosed a February attack, acknowledging that a phishing campaign tricked an employee into divulging credentials on a fake website. As a result, the attacker gained access to internal documents, code, dashboards, and business systems.
BlackCat is capitalizing on the ongoing controversy between Reddit and its volunteers, who have voiced their opposition to the recent API pricing changes. The company plans to introduce premium access for third parties, charging for additional capabilities and higher usage limits. This decision has been met with criticism from volunteer moderators and developers, who argue that it prioritizes profit over their needs and could adversely affect the functionality of various apps they rely on.
Reddit CEO Steve Huffman defended the changes, emphasizing the need for the company to be self-sustaining. He assured exemptions for accessibility and certain moderator tools but maintained that negotiations on pricing changes were off the table. In response, moderators staged a temporary blackout of thousands of Reddit pages as a protest.
Despite the ransomware attack and threats of data leaks, Reddit’s internal debate and pursuit of profitability are unlikely to be significantly influenced. The company and its users remain focused on larger challenges as Reddit aims to move forward with its initial public offering.