The BlackCat ransomware criminal group, also known as ALPHV and a successor to REvil, recently hacked into Reddit servers, resurfacing concerns about the dangers posed by hacktivism. The breach, which was confirmed by Reddit earlier this year, initially seemed contained. However, a recent posting by BlackCat has further escalated the situation.
The hacking group is demanding a ransom of $4.5 million USD and the reversal of API pricing changes, which have been the subject of recent controversy in the Reddit community. The controversy results from the expected impact on third party applications and ability for the blind and visually impaired communities to use Reddit.
BlackCat is threatening to publish 80GB of stolen data if their demands are not met. This hacktivist action sheds light on the risks associated with vigilantism and highlights the need for increased security measures to protect against such attacks.
The Breach and Demands
In February, the BlackCat group successfully breached Reddit servers, gaining unauthorized access to internal documents, intellectual property, codes, dashboards, and other business systems.
While Reddit assured users that production systems and user accounts remained secure, it is possible the recent developments indicate this was not the entire story.
The hackers have now identified their demands: a payment of $4.5 million and the abandonment of API pricing changes. Failure to comply will result in the publication of 80GB of stolen data, potentially exposing sensitive information.
Raising the Stakes: Leak Sites and Ransomware Tactics
Leak sites have become a favored method for ransomware groups to exert pressure on their victims. By threatening to release stolen data, hackers aim to coerce larger ransoms or force organizations to meet their demands.
For BlackCat, their deviation from traditional ransomware tactics is notable. Unlike encrypting devices, the group focused on data exfiltration, accumulating a substantial 80GB of information.
While the specific contents of the stolen data remain undisclosed, the hackers claim to possess insights into Reddit’s user tracking and alleged censorship practices within the subreddit communities.
The Motivations of Hacktivism and Vigilantism
Hacktivist groups, as BlackCat is uncharacteristically operating as in this instance, are distinct from typical cybercriminals due to their desire for publicity and media coverage. Unlike most criminals who strive for anonymity, hacktivists seek attention for their actions.
The current media attention surrounding Reddit has likely motivated BlackCat to exploit the situation further. While hacktivism may resonate with dissatisfied individuals, it poses inherent risks and encourages a dangerous precedent of taking justice into one’s own hands.
The Pandora’s Box of Vigilantism
Vigilante style cyberattacks open a Pandora’s box of complex legal and moral issues. By circumventing legal frameworks and resorting to self-imposed justice, these actions bypass the rule of law and pose threats to the security and stability of cyber ecosystems.
Engaging in vigilantism only makes a bad problem worse with regards to the challenges faced by companies, governments, and individuals in maintaining a secure digital environment.
Addressing the Risks and Protecting Against Hacktivist Actions
To defend against hacktivist (or any) attacks, organizations must adopt proactive cybersecurity measures. These include implementing robust security protocols, conducting regular vulnerability assessments, implementing stringent and timely user education, and establishing comprehensive incident response plans.
Discussion and dissemination of threat intelligence among private entities, government agencies, and security researchers is crucial in preventing future breaches, as is the awareness and discussion surrounding the motivations of hacktivists.
The breach of Reddit by the BlackCat ransomware criminal group, and the threats surrounding the leak of information, highlights the dangers associated with hacktivism and underscores the need for greater cybersecurity awareness and preventive measures.
Vigilantism through cyberattacks undermines the rule of law and the security of online platforms. It is essential for companies and individuals to remain vigilant, enhance their security posture, and address the challenges posed by hacktivists in a unified fashion. By doing so, we can strive for a safer digital landscape while upholding the principles of security, privacy, and accountability.
About The Author
Matthew Ziegler has been with Novacoast since 2006, specializing in Cybersecurity Operations, Governance, Risk, and Compliance, and process improvement. He holds an MBA in IT Management, is a Certified Information Systems Security Professional, and is passionate about bridging the gaps between operational process and security initiatives.