Reddit has confirmed hackers accessed internal documents and source code following a “highly-targeted” phishing attack.
A post by Reddit CTO Christopher Slowe, or KeyserSosa, explained that on February 5 the company became aware of the “sophisticated” attack targeting Reddit employees. He says that an as-yet-unidentified attacker sent “plausible-sounding prompts,” which redirected employees to a website masquerading as Reddit’s intranet portal in an attempt to steal credentials and two-factor authentication tokens.
Slowe said that “similar phishing attempts” have been reported recently, without naming specific examples, but likened the breach to the recent Riot Games hack, which saw attackers use social engineering tactics to access source code for the company’s legacy anti-cheat system.
Reddit said that hackers successfully obtained an employee’s credentials, allowing them to gain access to internal documents and source code, as well as some internal dashboards and business systems.
Slowe said the company learned of the breach after the phished employee self-reported the incident to Reddit’s security team. Reddit quickly cut off the infiltrators’ access and began an internal investigation.
Reddit, which has more than 50 million daily users, said its investigation found that some contact information for hundreds of current and former employees, as well as some advertiser information, was also accessed. Reddit said it has “no evidence” that personal user data and other non-public data has been stolen, published or distributed online.
Regardless, Reddit has recommended that all users set up two-factor authentication on their accounts and use a password manager. “Besides providing great complicated passwords, they provide an extra layer of security by warning you before you use your password on a phishing site,” Slowe says.
“We’re continuing to investigate and monitor the situation closely and working with our employees to fortify our security skills,” he added. “As we all know, humans are often the weakest part of the security chain.”
Reddit experienced a more serious data breach in 2018 that saw attackers access a complete copy of Reddit data from 2007, comprising the first two years of the site’s operations. This included usernames, hashed passwords, emails, public posts and private messages.
The holiday season is almost over, but security patches are still continuing to arrive thick and fast in December. The month has seen updates released by Apple, Google, and Microsoft, as well as enterprise software companies including the likes of SAP, Citrix, and VMWare. Many of the patches fix zero-day vulnerabilities already being exploited in […]
U.S. officials say they have seized dozens of domains linked to some of the world’s leading distributed-denial-of-service-for-hire websites. But TechCrunch found that several of the seized sites are still online. In a press release on Wednesday, the U.S. Department of Justice announced the takedown of 48 domains associated with some of the world’s most popular […]
DNV, a Norwegian shipping classification society, has confirmed its systems were hit by a ransomware attack, affecting around 1,000 ships that rely on its technology. The Oslo-based DNV said in a statement on Wednesday that its ShipManager software was targeted by file-encrypting malware on January 7, forcing the organization to shut down its servers. ShipManager is a fleet management […]
Leave a Reply