
Popular social news aggregation platform Reddit has revealed that it was the victim of a security incident that allowed an unidentified threat actor to gain unauthorized access to internal documents, code, and unidentified business systems.
The company blamed a “sophisticated and highly targeted phishing attack” targeting employees on February 5, 2023.
The attack involved sending a “plausible prompt” redirecting to a website masquerading as Reddit’s intranet portal in an attempt to steal credentials and two-factor authentication (2FA) tokens.
One employee’s credentials were allegedly phished in this manner, giving the attacker access to Reddit’s internal systems. The affected employee self-reported the hack, the company added.
However, the company stressed that it had no evidence to suggest that its production systems or users’ non-public data had been compromised.
According to Reddit, “The exposure included limited contact information for (currently hundreds of) company contacts and employees (current and former), as well as limited advertiser information.”
Without naming it, it added, “Similar phishing attacks have been reported recently.” The company did not disclose which source code was accessed in the incident.
This development is another sign that attackers are increasingly finding ways to defeat 2FA by setting up lookalike pages that can carry out adversary-in-the-middle (AitM) attacks.