uTalk

thrive

Member

Registered: 2023-01-04

Posts: 1,985

Security Breach at Reddit Exposes Internal Documents and Source Code

Reddit, the widely used social news aggregation platform, has revealed that it was the victim of a security issue in which unrecognized threat actors gained unauthorized access to internal documents, code, and some unspecified business systems.

The company blamed it on a "sophisticated and highly-targeted phishing attack" against its employees on February 5, 2023.

The attack entailed sending out "plausible-sounding prompts" that redirected to a website masquerading as Reddit's intranet portal in an attempt to steal credentials and two-factor authentication (2FA) tokens.

A single employee's credentials is said to have been phished in this manner, enabling the threat actor to access Reddit's internal systems. The affected employee self-reported the hack, it further added.

The company, however, stressed that there is no evidence to suggest that its production systems were breached or that users' non-public data had been compromised. There is no indication that the accessed information has been published or distributed online.

"Exposure included limited contact information for (currently hundreds of) company contacts and employees (current and former), as well as limited advertiser information," Reddit said.

It further noted "similar phishing attacks have been recently reported" without taking any specific names. It did not disclose what source code was accessed following the security lapse.

The development is yet another indication as to how threat actors are increasingly finding ways to defeat 2FA by setting up lookalike pages that are capable of pulling off adversary-in-the-middle (AitM) attacks.