“Unveiled: The Infamous BlackCat Ransomware Gang Responsible for the Devastating February Reddit Breach”

Is there a Connection Between the Infostealer Malware and the BlackCat Ransomware Gang?

Recent cybersecurity reports suggest a potential link between the Infostealer malware and the notorious BlackCat Ransomware Gang. It is believed that the gang may have gained access to over 100k chatgpt accounts breached, using this valuable information to launch their ransomware attacks. The connection between these two threats signifies a worrisome collaboration in the cybercrime landscape, emphasizing the need for enhanced security measures.

BlackCat Ransomware Gang Claims Responsibility for Reddit Cyberattack

Reddit suffered a cyberattack in February, where the BlackCat (ALPHV) ransomware gang stole 80GB of data from the company. On February 9th, Reddit revealed that its systems were breached on February 5th, when an employee was tricked into a phishing attack. The attackers gained access to Reddit’s systems and stole internal documents, source code, employee data, and limited data about the company’s advertisers. According to Reddit CTO Christopher Slowe (KeyserSosa), the attacker obtained access to some internal documentation, code, and internal dashboards and business systems after obtaining a single employee’s credentials. Although no breach was found in Reddit’s primary production systems that store the majority of its data and run Reddit, the company said that it was a phishing attack similar to one on Riot Games that allowed hackers to gain access to systems and steal source code for League of Legends (LoL), Teamfight Tactics (TFT), and the company’s Packman legacy anti-cheat platform. Riot Games was asked to pay $10 million to stop the data leak, but when it refused, the threat actors attempted to sell the data for $1 million on a hacking forum.

BlackCat, also known as ALPHV ransomware operation, has claimed responsibility for the Reddit cyberattack. As per the threat actors, they have stolen 80 GB of compressed data from the company during the attack and plan to leak the data. BlackCat claims that it attempted to contact Reddit twice, on April 13th and June 16th, demanding $4.5 million for deleting the data, but it did not receive a response. The ransomware operation threatened Reddit, saying that it was very confident that the company would not pay any money for their data. BlackCat is happy that the public will be able to read about all the statistics that Reddit tracks about its users and all the confidential data that the attackers took. The group also claimed that Reddit silently censors users, along with artifacts from their GitHub. Reddit declined to comment on BlackCat’s post, but BleepingComputer has confirmed that this is the same attack disclosed by Reddit in February.

The same hacking group that attacked Reddit is believed to be responsible for a similar attack on Western Digital in March 2023, which caused a massive outage to the company’s My Cloud cloud service. Although at first, the threat actors claimed not to have a name, screenshots of the stolen data were leaked on the ALPHV data leak site, with the attackers taunting the company about the attack. Western Digital sent data breach notifications in May, warning online store customers that their data was stolen during the attack.