9/5/2023 0 Comments Reddit cyberghost review![]() ![]() Slowe feels the company was successful in learning from its mistakes back then, which has helped mitigate the severity of this attack. That last part is particularly interesting, as Slowe brings up the security incident in 2018 in which it suffered much bigger data losses, including user credentials. Reddit says it’s still investigating the incident and has learned some valuable lessons. The attackers were able to pilfer limited contact information for hundreds of Reddit employees, though, along with some advertiser information. ![]() The social media company maintains no user data has been compromised (so far) and that its primary production systems (that run Reddit and store the majority of its data) weren’t accessed. They were also able to access some of Reddit’s code. Apparently, they were able to get into some of the company’s internal documents, dashboards, and business systems. The announcement mentions the malicious party managed to trick the employee so they could “steal credentials and second-factor tokens”.Īfter gaining access to Reddit’s employee intranet via the compromised credentials, the cybercriminals quickly combed through Reddit’s systems. ![]() According to Reddit Chief Technical Officer Chris “KeyserSosa” Slowe, the attackers managed to convince the employee to click on a link in an email which led them to a cloned website of Reddit employees’ intranet gateway. Reddit announced the incident on February 9 in a post on the r/reddit sub, notifying its users about a successful social engineering attack against one of its employees. Malicious Hackers Stole Some Reddit Documents and Code The most interesting part of this news, however, might be in what Reddit isn’t explicitly saying: how it managed to be targeted by another social engineering attack in the span of 5 years, despite the lessons it apparently forgot to learn the last time. For now, the company says no user data has been compromised and that it hasn’t found evidence of any stolen information being sold on the web. The employee soon realized what was happening and alerted Reddit security, who promptly shut down the attacker’s access to its systems.ĭespite this, the attacker was still able to root around in Reddit’s underbelly for a few hours, giving them access to various business systems. The malicious actor was able to trick an employee into giving away their credentials through a spear phishing attack. Popular social media forum Reddit was compromised by an unknown attacker. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |