Reddit got Trumped. On Friday, many users visited their favourite subreddits and found something unexpected: pro-Donald Trump Make America Great Again campaign banners and messages supporting the president. It was not a coincidence.
Weeks after Twitter suffered an embarrassing hack that compromised influential accounts, attackers took aim at Reddit on Friday, specifically at a number of popular and high-profile subreddit communities, such as r/space, r/food, r/Japan, r/nfl, r/cfb and r/podcasts, among many others. The coordinated attack involved vandalizing the subreddits — which together have millions of subscribers — by plastering pro-Trump images on them and, in many cases, posting messages affirming support for the president from hacked moderator accounts, per Wired.
[referenced url=”https://gizmodo.com.au/2020/07/about-the-wayfair-child-trafficking-conspiracy/” thumb=”https://gizmodo.com.au/wp-content/uploads/2020/07/11/zmjwi34vquebswrhxu9c-300×169.png” title=”About the Wayfair Child Trafficking Conspiracy” excerpt=”R/conspiracy never sleeps, every day on the internet is a zombie march through a waking nightmare, and as a result, there is a new Pizzagate. The elements: home furnishing e-commerce platform Wayfair, exorbitantly-priced cabinets, a human trafficking theory, and a string of letters you should never type into Yandex. This…”]
One example of these messages could be found on r/cfb, a subreddit dedicated to college football. Wired reports that in the message, the hackers called on people to vote for the president in November, called the coronavirus a “hoax” and included a list titled “Ten Things Democrats Did Wrong.”
“We on behalf of the American people want to implore and strongly encourage you all to vote Trump in the 2020 elections of the USA of America,” read one message from a hacked moderator’s account.
You can check out what some of the hacked subreddits looked like below.
BREAKING: Massive hack hits Reddit
Hackers are defacing Reddit with pro-Trump reelection messages.
Tens of channels have been hit, including some pretty big ones (NFL, The Pirate Bay, 49ers, Black Mirror, GoT fans, etc.)https://t.co/VkAuUZPiQn pic.twitter.com/5FJdaWofv7
— Catalin Cimpanu (@campuscodi) August 7, 2020
Reddit was just hit with widespread hacking that even compromised 2FA security
Pro Trump messages flooded the site but it was obviously written by non-native english speakers and was also written in Chinese pic.twitter.com/v38NURQrl9
— Tim Pool (@Timcast) August 7, 2020
In a statement to Wired on Friday, Reddit said it was investigating the incident. The company suspects the attack was carried out via compromised moderator accounts.
“An investigation is underway related to a series of vandalised communities,” a Reddit spokesperson said. “It appears the source of the attacks were compromised moderator accounts. We are working to lock down those accounts and restore impacted communities.”
Gizmodo has reached out to Reddit to ask for additional information about the incident but has not received a response yet.
It is unclear how the hackers were able to carry out the coordinated attack. As mentioned above, Reddit believes that the hackers targeted moderator accounts to gain control of the subreddits and vandalise them. Considering the messages posted by some moderator accounts, this seems like a credible theory.
Nonetheless, important questions remain: How were the hackers able to take over moderator accounts? Was it a password or authentication issue? Or was it a Reddit issue? In other words, did hackers gain access from inside Reddit’s systems?
[referenced url=”https://gizmodo.com.au/2020/06/reddit-brings-the-banhammer-down-on-r-the_donald-and-2000-other-subs/” thumb=”https://gizmodo.com.au/wp-content/uploads/2020/06/30/wt2qtf658drmxnudwgcc-300×169.jpg” title=”Reddit Brings the Banhammer Down on r/The_Donald and 2,000 Other Subs” excerpt=”This weekend’s rumours were true: Reddit has swung its mighty banhammer, taking out 2,000 groups, including r/The_Donald and r/ChapoTrapHouse. A few hours later, the Verge reported that Twitch temporarily banned the Donald himself, namely over video of his racist rallies, with few additional details.”]
In light of the recent Twitter hack, this new Reddit vandalism attack probably won’t soothe anyone’s security anxiety.
Thankfully, the damage done by the hackers was not irreversible. Once they got control of their subreddits back, moderators began eliminating the changes, deleting messages and images and reverting the communities to their normal state.
[Wired]