Reddit hacked after sophisticated, highly-targeted phishing attack
Online discussion forum Reddit on Friday confirmed that its systems were hacked as a result of a sophisticated and highly-targeted phishing attack.
According to Reddit CTO Christopher Slowe, or KeyserSosa, the company became aware of the “sophisticated” attack targeting its employees on February 5.
“As in most phishing campaigns, the attacker sent out plausible-sounding prompts pointing employees to a website that cloned the behaviour of our intranet gateway, in an attempt to steal credentials and second-factor tokens,” Slowe said.
After successfully obtaining a single employee’s credentials, the attacker gained access to some internal documents, code, as well as some internal dashboards and business systems.