130

Alphv ransomware group claims to have hacked Reddit, threatens to leak data unless money paid and API changes reverted (feddit.de)

submitted 2 years ago by red@feddit.de to c/technology@beehaw.org

82 comments fedilink hide all child comments

top 50 comments

sorted by: hot top controversial new old

[-] narc0tic_bird@beehaw.org 65 points 2 years ago

So they "broke into Reddit" back in February and contacted Reddit in April. After Reddit didn't react they contacted them again a few days ago at this very opportunistic time.

They never specified exactly what kind of data they stole, nor did they prove it by providing samples.

For all we know this story could be entirely made up and they actually have nothing.

But even if they have something, them trying to come across as the good guys in this is so weird to me. No, you're not the good guys. You are criminals.

[-] Stumblinbear@pawb.social 18 points 2 years ago

They may be the bad guys, but they're not necessarily bad guys

[-] Kaldo@kbin.social 11 points 2 years ago

“I believe you find life such a problem because you think there are good people and bad people. You're wrong, of course. There are, always and only, the bad people, but some of them are on opposite sides.”

[-] SHITPOSTING_ACCOUNT@feddit.de 7 points 2 years ago

February? Then I believe they have obtained a full copy of all posts and comments on the site. /s

(For those who don't get the joke: https://github.com/Watchful1/PushshiftDumps - full dumps of all Reddit data up to February exist, and I think archive.org has the March file too)

[-] neo@lemmy.comfysnug.space 35 points 2 years ago

Is it weird that I kind of want both groups to lose out here?

[-] gk99@kbin.social 22 points 2 years ago

The enemy of my enemy is also my enemy.

[-] BLAMM67@beehaw.org 13 points 2 years ago

Maxim 29: The enemy of my enemy is my enemy's enemy. No more. No less.

-The Seventy Maxims of Maximally Effective Mercenaries

[-] Steeve@lemmy.ca 8 points 2 years ago

It's enemies all the way down

load more comments (1 replies)

[-] Th4tGuyII@kbin.social 27 points 2 years ago

I want the API changes reverted as much as any other Reddit refugees here, but I can't stand behind this kind of malfeasant extortion.

Not only is it blatantly obvious they're using the API change rhetoric as a means of irritating Reddit into giving them their hush money, it also avts towards delegitimising all protest efforts made by the Subreddits thus far

[+] NumbersCanBeFun@kbin.social 16 points 2 years ago

[deleted]

[-] BlueBockser@programming.dev 13 points 2 years ago

But as the text says, this extortion began 5 days before the API changes were even announced. These criminals don't give a f*ck about the API and threaten to leak the data of those same users they're claiming to protect.

I think we should just ignore this, because it's a distraction for public pressure and will only make Reddit look better - either by delegitimising the protest or by making them look like a victim instead of the perpetrator they are.

[-] Th4tGuyII@kbin.social 6 points 2 years ago

Karma IS a bitch, but I for one am still not going to stand behind illegalities like this. It's not the way.

As I said before, these hackers don't care. The grandstanding is their way of getting attention off the backs of the protests. All supporting these criminals does is delegitimise the real protest by making Reddit look like the victim.

That aside, even from a practical standpoint this wouldn't work longterm. If extorted into backpeddalling, Reddit will just quietly up their data security, and once they've made sure the threat of a leak is dealt with, they'll go right on back to the API change.

load more comments (1 replies)

[-] totorohno@lemmy.one 16 points 2 years ago

Fuck spez, but this is not the way. Why even ask for money if they don’t expect Reddit to pay? That cheapens their cause.

[-] firebreathingbunny@kbin.social 13 points 2 years ago

Their cause is the money. Everything else is marketing.

[-] Rentlar@beehaw.org 21 points 2 years ago

[-] redcalcium@c.calciumlabs.com 15 points 2 years ago

Ransomware operators are scum and should not be trusted, let alone paid.

[-] cowvin@kbin.social 8 points 2 years ago

This isn't ransomware. This is standard blackmail.

[-] YMS@kbin.social 5 points 2 years ago

Correct, but done by ransomware operators.

load more comments (3 replies)

load more comments (1 replies)

[-] gds@kbin.social 6 points 2 years ago

Agreed they definitely shouldn’t pay these guys.

unfolds chair

load more comments (2 replies)

[-] JWBananas@kbin.social 14 points 2 years ago

john-oliver-cool-sarcastic.gif

Put up or shut up

[-] HisNoodlyServant@beehaw.org 11 points 2 years ago

80gb? That isn't too much but guess if it's internal information and docs could be damaging to a public offering.

[-] heartlessevil@lemmy.one 22 points 2 years ago

For context, based on historical pushshift data:

80gb zipped decompresses to ~1100GB of text data
80gb zipped would only be the most recent ~4 months of comments

They do indicate that the data they have is more valuable though, particularly pointing out how users are being tracked (GDPR alarm bells ringing) or censored.

[-] maynarkh@feddit.nl 8 points 2 years ago

Might be a single weird Bee Movie video meme as well.

[-] bumbly@readit.buzz 11 points 2 years ago

If it hurts the IPO, I'm all for it. My data on reddit is worthless anyway...

[-] Laille@kbin.social 9 points 2 years ago

lol, fuck reddit, but do they expect us to cheer for them when they're holding user data hostage? They can fuck right off too.

[-] nigh7y@lemmy.ml 8 points 2 years ago

Any proof they have what they say they have? If they can't, at the very least, make that bit public, then imma have to call it a bluff.

[-] drifty@lemmy.ml 8 points 2 years ago

Can you share the onion link here

[-] Kowowow@lemmy.ca 8 points 2 years ago

Ooh ThE rEdDiT fIlEs I can only hope it's more interesting than the twitter files

[-] cultsuperstar@lemmy.ml 8 points 2 years ago

Only $4.5 million? That amount seems kind of low if the data they have is as valuable as they say.

[-] Otome-chan@kbin.social 7 points 2 years ago

>reddit fucks over users

>hackers fuck over users

why do this?

load more comments (1 replies)

[-] primbin@lemmy.one 6 points 2 years ago

Is there any way to validate these claims?

[-] cowvin@kbin.social 12 points 2 years ago

Usually what happens is that these sorts of blackmailers will leak small, verifiable pieces of data so people know they really got something. We don't see that here, so for now there's no reason to take them seriously yet.

load more comments (1 replies)

[-] red@feddit.de 6 points 2 years ago

No. If Reddit would negotiate with them, they'd probably leak small subsets as proof that they have actual data that isn't available publicly. But with no negotiations, there's not really any need for that.

load more comments (7 replies)

[-] BrooklynMan@lemmy.ml 6 points 2 years ago* (last edited 2 years ago)

lol, ok. i mean, even if this is true (which, eh, maybe it is), I'm not really sure it's worth what they're asking for it. if this threat is genuine, and they follow through, it will certainly be publically embarrassing for spez at a really bad time. but there's zero chance he's going to give in to their demands.

i don't expect the data dump would contain anything particularly juicy, or these demands would have been made months ago. it's just that it would be embarrassing for reddit (and spez) if it happened, particularly right now.

[-] Rachel@derp.foo 6 points 2 years ago

Is there any information on what kind of data they stole? It’s a public forum with a lot of public data, it makes no sense that they negotiate about data that is already public.

[-] tal@kbin.social 12 points 2 years ago

Well, assuming that this is even directly related to the forum, as opposed to, say, email logs from the Reddit internal email server or something, things that might not be public:

Private messages between users.
Browsing data. I mean, maybe a user only posts on /r/politics, and that's public, but spends a lot of time browsing /r/femdom or whatever.
IP addresses of users. Might be able to associate multiple accounts held by a user.
Passwords. While hopefully stored in a salted and hashed format, so they can't be simply trivially obtained, they can still be attacked via dictionary attacks, which is why people are told not to use short and predictable passwords.
Email addresses (if a user registered one)
Reddit has some private chat feature that I've never used, which I imagine is logged.

[-] redcalcium@c.calciumlabs.com 8 points 2 years ago

Reddit used to be open source and the password was hashed using bcrypt.

[-] cowvin@kbin.social 6 points 2 years ago

Well they mention Github artifacts in that message so it sounds like it's more like they may have obtained source code and that sort of non public stuff.

[-] mobyduck648@beehaw.org 8 points 2 years ago

Their code was open source until 2017 and it’s got progressively more dogshit for the end user since, I suspect if this is real it’s probably a bit juicier.

load more comments (1 replies)

[-] iAmTheTot@kbin.social 6 points 2 years ago

Nah you're not going to catch me rooting for a ransomware attacker

load more comments

this post was submitted on 18 Jun 2023

130 points (100.0% liked)

Technology

39605 readers

324 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 3 years ago

MODERATORS

alyaza@beehaw.org

TheRtRevKaiser@beehaw.org

gyrfalcon@beehaw.org

rs5th@beehaw.org

coldredlight@beehaw.org

SemioticStandard@beehaw.org

TheRtRevKaiser@kbin.social

remington@beehaw.org