Common social information aggregation platform Reddit has disclosed that it was the sufferer of a safety incident that enabled unidentified menace actors to achieve unauthorized entry to inner paperwork, code, and a few unspecified enterprise programs.
The corporate blamed it on a “refined and highly-targeted phishing assault” that passed off on February 5, 2023, focusing on its workers.
The assault entailed sending out “plausible-sounding prompts” that redirected to a web site masquerading as Reddit’s intranet portal in an try and steal credentials and two-factor authentication (2FA) tokens.
A single worker’s credentials is claimed to have been phished on this method, enabling the menace actor to entry Reddit’s inner programs. The affected worker self-reported the hack, it additional added.
The corporate, nonetheless, pressured that there is no such thing as a proof to counsel that its manufacturing programs had been breached or that customers’ personal knowledge has been compromised. There isn’t any indication that the accessed data has been printed or distributed on-line.
“Publicity included restricted contact data for (at present lots of of) firm contacts and workers (present and former), in addition to restricted advertiser data,” Reddit stated.
It additional famous “comparable phishing assaults have been lately reported” with out taking any particular names. It didn’t disclose what supply code was accessed following the safety lapse.
The event is yet one more indication as to how menace actors are more and more discovering methods to defeat 2FA by establishing lookalike pages which might be able to pulling off adversary-in-the-middle (AitM) assaults.
