SoylentNews

upstart [soylentnews.org] writes:

████ # This file was generated bot-o-matically! Edit at your own risk. ████

Hackers threaten to leak stolen Reddit data [ctvnews.ca]:

Reddit’s month may be going from bad to worse.

Hackers from the BlackCat ransomware gang, also known as ALPHV, are threatening to leak 80 gigabytes of confidential data from Reddit that they claim to have stolen during a February breach, according to a post from the group on the dark web, which was reviewed by CNN and an independent cybersecurity expert.

• Business news stories from across Canada and the world [ctvnews.ca]

In their post, the hackers claim they first demanded a US$4.5 million payout “for the deletion of the data and our silence” in April. After receiving no response, the group said it followed up on Friday with an additional demand: Reddit should withdraw a controversial new pricing policy that has sparked a protest from some of the platform’s most influential users.

Reddit CTO Chris Slowe previously posted about a security incident that took place in early February. In the post, Slowe said the company’s “systems were hacked as a result of a sophisticated and highly-targeted phishing attack,” with hackers accessing “some internal documents, code, and some internal business systems.” Only employee data was accessed, according to the post.

A Reddit spokesperson confirmed to CNN on Monday that BlackCat’s post relates to the February incident. The spokesperson reiterated that no user data was accessed, but declined to comment beyond that.

More than 6,000 Reddit forums went dark last Monday in what was supposed to be a two-day protest over the company’s plan to begin charging steep fees for some third party apps to access its platform. A week later, more than 3,500 Reddit forums remain dark.

While the ransom note appears to support the protestors’ cause, some experts are skeptical of BlackCat’s actual motives.

“I suspect that ALPHV doesn’t actually care about the API pricing. They simply want future victims to see how much ongoing harm they can cause to increase the likelihood of them deciding that payment is the least painful option,” said Brett Callow, threat analyst at cybersecurity firm Emsisoft, who reviewed the post on the dark web.

BlackCat, for its part, said it does not expect Reddit to meet its demands.

“We are very confident that Reddit will not pay for its data,” the group wrote in the post on the dark web. “We expect to leak the data.”

when-it-rains-it-pours dept.

Reddit communities adopt alternative forms of protest as the company threats action on moderators [techcrunch.com]:

Multiple subreddits are adopting alternative methods of protesting like publishing only one kind of post, changing the topic in focus, and days when the community turns private.

A lot of these communities took part in the Reddit blackout from June 12-14 to rally against Reddit’s API rule changes [techcrunch.com], which could effectively kill a lot of third-party apps. As the company — and its CEO Steve Huffman — decided not to make any changes, subreddits started thinking about going dark indefinitely.

However, Reddit pointed out that moderators must keep the community open. Plus, they can’t decide that their community should go dark without a public vote. The company even sent messages [theverge.com] to moderators saying that they will be removed if they all continue to particulate in the blackout.

To get around the moderator removal action, multiple communities are running polls to decide what type of posts are allowed on the subreddit. They are also relaxing some [reddit.com]rules [reddit.com] — because of the changes, moderators won’t have certain tools available to them, making their job more difficult.

Some of the biggest communities like r/pics [reddit.com], r/aww [reddit.com], and r/GIF decided to post John Oliver pictures and GIFs [reddit.com]. In a tweet, Oliver approved this move.

Dear Reddit, excellent work. Attn: r/pics — have at it…

— John Oliver (@iamjohnoliver) June 17, 2023 [twitter.com]

In the case of r/aww, the community is also allowed to post pictures of Chiijohn [youtube.com]. r/iPhone decided to post pictures celebrating “dashing” Tim Cook [reddit.com].

There are some truly bizarre forms of protest as well:

• r/Shitposting [reddit.com] banned posts with the letter k.
• r/Wellthatsucks [reddit.com] is now a subreddit about vacuum cleaners.
• r/Nofans [reddit.com] is now a passive PC cooler subreddit.
• r/Interestingasfuck [reddit.com] removed a lot of all rules apart from asking members to not break site-wide rules.
• r/Memes [reddit.com] is allowing only Medieval / Landed Gentry memes. This is in response to Huffman’s “Landed Gentry” comment [techcrunch.com] about protesting subreddits.
• r/PokemonGo [reddit.com] is now allowing pictures of John Oliver, Pikachu, or Spark.
• r/Horny [reddit.com] is now a “Christian Minecraft server.”
• r/Steam [reddit.com] members are posting about actual steam.
• r/HarryPotter [reddit.com] is now referring to Huffman as Voldemort.
• Some subreddits such as r/Showerthoughts [reddit.com] are determining close days for the community.

Reddit CEO lashes out on protests, moderators and third-party apps [techcrunch.com]

While these methods are innovative and amusing, we’ll have to see if Reddit management shows any tendency to budge. In recent interviews, Huffman vehemently defended the company’s API rule changes [techcrunch.com] and said that it wants to be profitable. He also suggested that these protests were spearheaded by a “small group that’s very upset” and it didn’t have any impact on the company’s revenues. Through these public votes, communities are trying to prove that a large number of people are unhappy with the changes made by Reddit.

If you are a subreddit moderator or Reddit employee who wants to talk about the ongoing situations, you can contact the reporter at im@ivanmehta.com.

Original Submission