Multiple subreddits hacked in coordinated attack on Reddit, pro-Trump messages posted
By Abhay Venkatesh @abhay_venkat4 · Aug 7, 2020
By Abhay Venkatesh @abhay_venkat4 · Aug 7, 2020
[SHOWTOGROUPS=4,20,22]
Multiple Reddit subreddits have been compromised by hackers that are posting messages and images promoting U.S. President Donald Trump’s re-election. A Для просмотра ссылки Войдиили Зарегистрируйся details the attacks, noting that the incident involves the compromise of moderator accounts. The firm is working to lock down accounts of bad actors and “reverting the changes”, and is also investigating the breach.
The post also provides moderators and users a few steps to ascertain if their accounts have been compromised. It suggests that affected users note the names of their accounts in the stickied comment on that post. It also suggests that users who were removed as moderators “sit tight” as the service will be adding them back soon. However, securing the accounts will be the priority at first. Additionally, the firm reassures users that it has dedicated methods to detect compromised entities.
Для просмотра ссылки Войдиили Зарегистрируйся
Image: Для просмотра ссылки Войдиили Зарегистрируйся
Here are the signs that users are being asked to look for to ascertain if their accounts were affected:
Currently, not all affected users will be able to tell that their accounts have been actioned on. “The best way to tell if we're already working on your subreddit is to look for admin actions in your modlog.”, the post adds. It is also asking all users to change their passwords if they are concerned about their accounts. Some affected accounts posted Для просмотра ссылки Войдиили Зарегистрируйся.
Image credit: Для просмотра ссылки Войдиили Зарегистрируйся
BleepingComputer reports that a hacked Twitter account claimed responsibility for the coordinated attack on Reddit. The bad actors also reportedly tweeted subreddits that they intended to hack. The tweets also noted that the moderators’ passwords were weak and “easy to take over”.
The account has since been suspended by Twitter.
Reddit says that once it has dealt with the situation, it will send out messages to all affected subreddits, “letting them know they were affected but the situation is now resolved”.
The firm will also be posting more detailed information about the incident Для просмотра ссылки Войдиили Зарегистрируйся later.
[/SHOWTOGROUPS]
Multiple Reddit subreddits have been compromised by hackers that are posting messages and images promoting U.S. President Donald Trump’s re-election. A Для просмотра ссылки Войди
The post also provides moderators and users a few steps to ascertain if their accounts have been compromised. It suggests that affected users note the names of their accounts in the stickied comment on that post. It also suggests that users who were removed as moderators “sit tight” as the service will be adding them back soon. However, securing the accounts will be the priority at first. Additionally, the firm reassures users that it has dedicated methods to detect compromised entities.
Для просмотра ссылки Войди
Image: Для просмотра ссылки Войди
Here are the signs that users are being asked to look for to ascertain if their accounts were affected:
Another important step that the post requests users to do is to enable two-factor authentication (2FA). The firm confirms that all accounts that were impacted did not have 2FA enabled, which made it easier for hackers to get through. The attacks apparently began about 24 hours ago and include subreddits such as r/japan, r/avengers, and more.
- You received email notification that the password and/or email address on your account changed but you didn’t request changes
- You notice authorized apps on your profile that you don’t recognize
- You notice unusual IP history on your Для просмотра ссылки Войди
или Зарегистрируйся- You see votes, posts, comments, or moderation actions that you don’t remember making, or private messages that you don’t remember sending
Currently, not all affected users will be able to tell that their accounts have been actioned on. “The best way to tell if we're already working on your subreddit is to look for admin actions in your modlog.”, the post adds. It is also asking all users to change their passwords if they are concerned about their accounts. Some affected accounts posted Для просмотра ссылки Войди
Image credit: Для просмотра ссылки Войди
BleepingComputer reports that a hacked Twitter account claimed responsibility for the coordinated attack on Reddit. The bad actors also reportedly tweeted subreddits that they intended to hack. The tweets also noted that the moderators’ passwords were weak and “easy to take over”.
The account has since been suspended by Twitter.
Reddit says that once it has dealt with the situation, it will send out messages to all affected subreddits, “letting them know they were affected but the situation is now resolved”.
The firm will also be posting more detailed information about the incident Для просмотра ссылки Войди
[/SHOWTOGROUPS]