Reddit was recently attacked by hackers who used phishing scams to gain access to confidential internal data, including contact details of business relationships.
The attacker sent out realistic instructions leading staff members to a website that imitated Reddit's intranet gateway, fooling them into giving away passwords and second-factor tokens.
As a social news and discussion website with thousands of subcommunities, or "subreddits", Reddit is also a popular platform for AMAs with celebrities, politicians, and other public figures. On February 5th, a highly targeted phishing attack resulted in the compromise of Reddit's systems, allowing the hacker to access internal documents, code, and business systems. However, Reddit asserts that no accounts or passwords were impacted.
After a single employee fell for the phishing scam, the hacker gained access to some internal documents, code, dashboards, and business systems, exposing contact information of firm contacts, current and former employees, and advertiser information. Reddit conducted a thorough preliminary investigation over several days and has found no evidence indicating any customer private information has been accessed or that Reddit's data has been posted online.
The impacted employee immediately reported the phishing attempt, and the security team quickly blocked the intruder's access and initiated an internal investigation. Lastly, it is worth noting that in today's digital age, companies must always be aware of threats from cybercriminals and take measures to ensure their systems are secure.
Reddit representatives claim that the hackers acquired employees' credentials by using phishing scams that led to a landing page resembling an internal Reddit network site. Once they had these details, the hackers gained access to internal documents, code, dashboards, and business systems. Unfortunately, one employee fell for the bait and exposed internal data.
The exposed data included company contacts, contact details of some current and former workers, and advertisers' information, but bank card details, passwords, and advertising performance indicators were not disclosed. In response, the concerned employee reported the breach to the company's security service, which subsequently conducted an internal investigation. Reddit emphasized that its primary production system was not affected, only selective internal data.
Although Reddit has not released many details about this phishing attack, the company pointed out a recent similar incident that affected Riot Games. There too, the hackers compromised an employee and stole the source code of League of Legends and Teamfight Tactics games. Riot Games refused to pay the $10 million demand from the hackers, who then sold the usermode anti-cheat Packman and the League of Legends source code for almost one million dollars.
In light of such events, Positive Technologies conducted a study that identified network attacks and unauthorized traffic in 100% of organizations. The study revealed that remote access software such as TeamViewer, AnyDesk, and Ammyy Admin, which use unprotected protocols, is common among 72% of companies. Companies' network activity is often suspicious, including hiding traffic, receiving data from a domain controller, and launching network scanning tools.
Tor Project also reported experiencing regular DDoS attacks that disrupt the Tor network's availability. As a result, users cannot access onion services. The developers are working to mitigate these attacks and adapt to the ever-changing methods used by hackers.