Hackers claiming to be behind the Reddit data breach in Februrary have demanded a $4.5m ransom and a reversal to the firm’s controversial application programming interface (API) price increases.
If Reddit refuses, the group says it will release 80GB of sensitive data.
Reddit revealed in February that it had been the victim of a targeted phishing scheme. The firm said attackers had obtained internal codes, business systems and documents. At the time, Reddit said there was no evidence of user accounts being compromised.
The BlackCat ransomware criminal group have taken responsibility for the hack and claim to have contacted Reddit twice asking for $4.5m to delete the data, once on April 13th and again on June 16th.
After receiving no response, the group is now threatening to make the data public if the company does not reverse its new controversial API charges and hand over the ransom.
Hackers are using Reddit’s API controversy to their advantage
The hacking standoff comes at an already troubling time for Reddit and its users. In April 2023, Reddit announced it would be significantly increasing the price for developers to use the site’s API – a move that caused mass protest throughout the Reddit community.
How well do you really know your competitors?
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
Founded in 2005, Reddit didn’t get an official mobile app until over a decade later in 2016.
Third-party apps including Sync, Apollo and Reddit is Fun were set up by users to access the platform before the app was created.
Until now, the price for developers to use Reddit’s API – the code which allows for the searching and showing of Reddit content – had been free for the vast majority, and those that used it on a large scale just had to pay a few dollars.
Reddit claims it will not be charging the vast majority of users that currently use API for free.
However, the price hikes mean that these aforementioned popular third-party apps can no longer afford to continue, with some saying it would cost them millions to run.
Christian Selig, developer of popular third-party app, Apollo, claimed running the site would cost him up to $20m.
Writing on Reddit, Selig said: “The price they gave was $0.24 for 1,000 API calls.
“I quickly inputted this in my app, and saw that it was not far off Twitter’s outstandingly high API prices, at $12,000, and with my current usage would cost almost $2m per month, or over $20m per year.”
Reddit’s price hike does, in fact, follow in the footsteps of Elon Musk’s changes to Twitter, which Reddit CEO Steve Huffman suggested had been somewhat of an inspiration to him.
Talking to NBC News, Huffman said: “Long story short, my takeaway from Twitter and Elon at Twitter is reaffirming that we can build a really good business in this space at our scale.
“Now, they’ve taken the dramatic road, and I guess I can’t sit here and say that we’re not either, but I think there’s a lot of opportunity here.”
In March, Twitter began sending emails to its current API users stating that API price packages would begin at $42,000 a month for 50m tweets – heading all the way to the top tier of $210,000 a month for 200m tweets.
Before Musk’s takeover, Twitter offered a completely free tier of its API, giving developers the option to pay for a “premium” or “enterprise” tier that peaked at $2,899.
Clash between Reddit and its users continue
It is unclear what will happen next for Reddit and its angry users.
Thousands of the site’s popular forums, known as subreddits, went “dark” at the beginning of the month in protest at the changes. Administrators and moderators, which are self-elected users of the site that look after the separate communities, set the subreddits to private to close users out of them.
This has not appeared to make any change to Reddit’s decision, with CEO Huffman claiming that “it’s not going to change anything”.
“Protest and dissent is important,” Huffman said.
“The problem with this one is it’s not going to change anything because we made a business decision that we’re not negotiating on,” he added
Michelle Stark, sales and marketing director at Fasthosts, told Verdict that the pricing is unlikely to change “despite the Reddit community’s best efforts”.
“Ultimately, the direction and control of the site is still in the corporation’s hands, and these protests would have to seriously affect the bottom line,” Stark said.
“The overwhelming majority of Redditors do not use apps or sites affected by the changes to API pricing, and it’s highly likely that community outrage will eventually fizzle out.”