Hacker group BlackCat has claimed responsibility for the attack on Reddit and is threatening to leak stolen data if the company not paying the $4.5 million “ransom” and not returning the policy with its API.

Reddit, the first online social bookmarking and news aggregator on the planet, suffered a successful attack on its infrastructure last February. Ransomware attack using sophisticated a “highly directed” a previous phishing attack against just one of their employees was enough to gain access to systems, internal documents, source code, employee and advertiser data.

The company acknowledged the breach days later, though it limited its scope and ruled out that it affected production systems, user passwords, accounts or credit card information. He also said that the attack was possible after gaining the credentials of a single employee.

BlackCat, responsible for the attack on Reddit

It is not yet known who is behind the attack. This weekend, one of the group’s leaders claimed responsibility for the attack on its Deep Web forum, threatening to release 80 GB of compressed and confidential data stolen from Reddit.

The subject assures that after two “offer” attempts (a typical ransom in Ransomware attacks, although they did not encrypt the information in this one) they are confident that “Reddit won’t pay for your data”. and therefore threatens to reveal it: “I’m very happy that the public will be able to read the statistics where they track their users and all the interesting sensitive data that we collect. Did you know they also quietly censor users? Along with artifacts from his GitHub!”.

We will see what happens. BlackCat is an old familiar specializing in Ransomware attacks, the world’s biggest cyber security threat, and is suspected of being behind attacks on the infrastructure of the production company Riot Games, which allowed them to access the systems and steal the source code of League of Legends, Teamfight Tactics and the company’s anti-cheat platform Packman. He is also believed to have been responsible for the attack on storage giant Western Digital.

Interestingly, in addition to the money ($4.5 million), the pirates are demanding that Reddit withdraw changes to its API plans, which have been the subject of much controversy.