Reddit hackers demand $4.5 million ransom and API pricing changes

A ransomware group is claiming responsibility for a hack on Reddit’s systems earlier this year — and demanding not just money but policy changes.

BlackCat, a ransomware group, says it was behind the February phishing attack on Reddit, as previously reported by Bleeping Computer. In a post shared by researcher Dominic Alvieri, BlackCat claims to have stolen 80GB of data from Reddit and threatens to release it publicly if demands aren’t met. The group wants a $4.5 million payout in exchange for the data and also demands Reddit roll back its planned API pricing changes that spurred user and moderator protests last week.

At the time of the hack, Reddit said hackers had used a “sophisticated and highly-targeted” phishing attack to get access to internal documents and data, including contact information for employees and advertisers. The company maintained that the hackers hadn’t accessed user data that wasn’t public.

Reddit declined to comment on the record about the hack. Bleeping Computer reports that the BlackCat hack and the incident disclosed by Reddit in February are the same.

BlackCat’s new demands around API pricing changes follow a contentious back-and-forth between Reddit leadership and some of its most engaged users. After Reddit announced it would begin charging developers of third-party apps — potentially to the tune of millions of dollars a year — many top subreddits went dark in response, limiting new posts and closing public access. In an interview with The Verge, Reddit CEO Steve Huffman said the platform was “never designed” to support third-party apps and that the company wouldn’t pull back from its proposed changes.

Reddit previously fell victim to an attack in 2018 in which a hacker gained access to user data, including email addresses and old usernames and passwords.