The Social News And Community Platform Reddit Gets Hacked

Reddit, the well-known social news aggregation site, has announced that it was recently hacked. According to the social news network, a security compromise of its systems happened on February 9. The alleged breach occurred somewhere on February 5.

The business has outlined the data breach as a sophisticated phishing effort that targeted Reddit staff. Reddit said hackers had successfully gained a worker's login information, giving them access to business systems, internal dashboards, and source code for internal documents.

The business added that the key production systems, where most of the data is housed, didn't suffer any breaches, ensuring that user account and password information was not exposed.

The incident was discovered after the affected staff self-reported the phishing attack, which prompted the security team to terminate the intruder's access and launch an internal inquiry.

The Employee Data Hacked

Reddit, which boasts a daily user base of more than 50 million, reported that its investigation revealed that certain contact details for hundreds of past and current workers, along with some ad details, were also taken.

We're continuing to investigate and monitor the situation closely and working with our employees to fortify our security skills. As we all know, the human is often the weakest part of the security chain.Reddit Blog Post

Although there are currently few details regarding the hack, the business did mention a similar attack used to compromise the game developer Riot Games. Hackers broke into the company's networks during that attack and stole the source code for League of Legends and Teamfight Tactics and a discontinued anti-cheat platform.

Reddit said it had no proof" that user information, including personal information, has been taken, leaked, or shared online.

Reddit stated that similar attempts have been reported recently and would continue to monitor and analyze such instances.

Chris Slowe, the chief technology officer of Reddit, claimed that the effect of the hack may have decreased as a result of the insights obtained from a previous case in 2018, which exposed user email addresses as well as hashed and salted passwords from a database dating back to 2007.

The 2018 assault used loopholes in SMS-based MFA to go around security measures that should have prevented the incident from happening. Later, Reddit dropped SMS-based MFA.

Users Need To Be Cautious

The popular content aggregation website also urged users to take security measures to protect their accounts. Reddit claims that having two-factor authentication will provide its users with an additional degree of protection. The website also suggested utilizing a password manager and periodically upgrading passwords as safety precautions for users.

Cybercriminals regularly target websites like Reddit since they may use the information they get to launch additional attacks.

Earlier this week, reports of hackers running cryptocurrency scam applications having developed a way to publish fake apps on Google and Apple's legitimate app stores started to surface.

Attackers were remotely modifying material to create fraudulent apps that pass through the authorized evaluation process of Google and Apple app stores to upload programs which are then used to perform CryptoRom scams, commonly known as pig butchering".

Although Google and Apple's security teams deleted the fake programs, users are warned to take precautions when installing apps from message links or emails since additional malicious apps may already be in circulation.

In recent weeks, GitHub and LastPass have admitted to similar incidents, with cybercriminals reportedly hacking similarly: by finding out the password or a live access code for a specific staff member and accessing under cover of that person's corporate identity.

The post The Social News And Community Platform Reddit Gets Hacked appeared first on The Tech Report.