{"id":234269,"date":"2020-08-08T18:40:17","date_gmt":"2020-08-08T16:40:17","guid":{"rendered":"https:\/\/www.borncity.com\/blog\/?p=234269"},"modified":"2021-03-22T13:21:05","modified_gmt":"2021-03-22T12:21:05","slug":"reddit-gehackt-sub-reddits-verunstaltet","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2020\/08\/08\/reddit-gehackt-sub-reddits-verunstaltet\/","title":{"rendered":"Reddit gehackt &#8211; Sub-Reddits verunstaltet"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" src=\"https:\/\/borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\" width=\"40\" height=\"47\" align=\"left\" \/>[<a href=\"https:\/\/borncity.com\/win\/2020\/08\/08\/reddit-gehackt-sub-reddits-verunstaltet\/\" target=\"_blank\" rel=\"noopener noreferrer\">English<\/a>]Hackern ist es gelungen, in einer koordinierten Aktion die Plattform reddit.com zu hacken. Danach prangten Spr\u00fcche f\u00fcr eine Wiederwahl Trumps in den Sub-Reddits.<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg05.met.vgwort.de\/na\/6b790d86f8c34f008d7114f218aeb972\" alt=\"\" width=\"1\" height=\"1\" \/>Ich hatte es die Nacht bereits auf Twitter gesehen. Catalin Cimpanu hat bei ZDNet einen Artikel dr\u00fcber gemacht &#8211; ich war aber auf <a href=\"https:\/\/web.archive.org\/web\/20210205012117\/https:\/\/www.bleepingcomputer.com\/news\/security\/reddit-hit-by-coordinated-hack-promoting-trumps-reelection\/\">diesen Bleeping Computer-Beitrag<\/a> gegangen, um n\u00e4heres zu erfahren.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">BREAKING: Massive hack hits Reddit<\/p>\n<p>Hackers are defacing Reddit with pro-Trump reelection messages.<\/p>\n<p>Tens of channels have been hit, including some pretty big ones (NFL, The Pirate Bay, 49ers, Black Mirror, GoT fans, etc.)<a href=\"https:\/\/t.co\/VkAuUZPiQn\">https:\/\/t.co\/VkAuUZPiQn<\/a> <a href=\"https:\/\/t.co\/5FJdaWofv7\">pic.twitter.com\/5FJdaWofv7<\/a><\/p>\n<p>\u2014 Catalin Cimpanu (@campuscodi) <a href=\"https:\/\/twitter.com\/campuscodi\/status\/1291790612317052930?ref_src=twsrc%5Etfw\">August 7, 2020<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>W\u00e4hrend der letzten 24 Stunden wurden mehrere Reddit-Subreddits (NFL, The Pirate Bay, 49ers, Black Mirror, GoT fans, etc.) verunstaltet,. Dabei haben die Angreifer hinter diesem Vorfall Pro-Trump-Botschaften ver\u00f6ffentlicht und die Themen der Community dazu ver\u00e4ndert. Generell ging es darum die Trumps 2020-Kampagne zu unterst\u00fctzen &#8211; was irgendwie selten d\u00e4mlich ist.<\/p>\n<p>Es scheint, als ob Moderatoren-Konten von Sub-Reddits \u00fcbernommen werden konnten &#8211; einige Nutzer wurden aus den Moderatorenlisten rausgekickt. <a href=\"https:\/\/www.vice.com\/en_us\/article\/y3zx7g\/hackers-hijack-reddit-pro-trump-messages\" target=\"_blank\" rel=\"noopener noreferrer\">Hier gibt es noch einen Artikel<\/a> dazu. Reddit empfiehlt den Betroffenen zu warten &#8211; man will das restaurieren. Ansonsten sollte eine Zweifaktor-Authentifizierung f\u00fcr den Zugang eingerichtet werden. Ein Moderator auf Reddit schrieb dazu:<\/p>\n<blockquote><p>Ongoing incident with compromised mod accounts<\/p>\n<p>There is an ongoing incident with moderator accounts being compromised and used to vandalize subreddits. We're working on locking down the bad actors and reverting the changes.<\/p>\n<p><strong>If your subreddit has been affected:<\/strong><\/p>\n<ul>\n<li>Please note the subreddit in the sticky comment below.<\/li>\n<li>To make it easy for us to pull and parse the list, please just write the subreddit name (\"r\/name\") without any commentary.<\/li>\n<li>If you were removed as a mod, please sit tight: We will be adding mods back, but it's not our first priority.<\/li>\n<\/ul>\n<p><strong>If your account was compromised and locked down:<\/strong><\/p>\n<ul>\n<li>Restoring access to accounts will be a later stage of this process. We will help you restore it later in the process.<\/li>\n<\/ul>\n<p><strong>If you're worried about your account:<\/strong><\/p>\n<ul>\n<li>Look for signs of a compromise:\n<ul>\n<li>You received email notification that the password and\/or email address on your account changed but you didn't request changes<\/li>\n<li>You notice authorized apps on your profile that you don't recognize<\/li>\n<li>You notice unusual IP history on your <a href=\"https:\/\/www.reddit.com\/account-activity\">account activity page<\/a><\/li>\n<li>You see votes, posts, comments, or moderation actions that you don't remember making, or private messages that you don't remember sending<\/li>\n<\/ul>\n<\/li>\n<li>For the love of Snoo, make sure you have <a href=\"https:\/\/web.archive.org\/web\/20210120044457\/https:\/\/reddithelp.com\/hc\/en-us\/articles\/360043046332-What-is-two-factor-authentication-and-how-do-I-set-it-up-\">two-factor authentication enabled<\/a>. Encourage the rest of your mod team to do the same.<\/li>\n<li>Change your password.<\/li>\n<\/ul>\n<p>Thanks for your patience as we work through this. We'll keep you updated here.<\/p>\n<p>Edit 1: To be clear, we have a number of methods of detecting compromised accounts, not just your reports here.<\/p>\n<p>Edit 2: Because of the way we're actioning these accounts, you may not be able to tell that they're actioned by visiting their profile. (Annoying, right?) The best way to tell if we're already working on your subreddit is to look for admin actions in your modlog.<\/p>\n<p>Edit 3a: We have officially confirmed that none of the accounts that were compromised had 2fa enabled at the time of the compromise. 2fa is not a guarantee of account safety in general, but it's still an important step to take to keep your account more secure.<\/p>\n<p>Edit 4: Once we've cleared everything up, we'll be messaging all affected subreddits letting them know they were affected but the situation is now resolved. To be clear, many mods will get access back to their account BEFORE we send this message, but we'll make sure to close the loop with the message on the other side of this. And yes, we'll be doing a post-mortem of some sort in <a href=\"https:\/\/www.reddit.com\/r\/redditsecurity\/\">r\/redditsecurity<\/a>, though that will be a bit further out.<\/p>\n<p>Edit 5: We've sent out messaging to affected communities and started letting account owners back into their accounts.<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>[English]Hackern ist es gelungen, in einer koordinierten Aktion die Plattform reddit.com zu hacken. Danach prangten Spr\u00fcche f\u00fcr eine Wiederwahl Trumps in den Sub-Reddits.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[426],"tags":[4328],"class_list":["post-234269","post","type-post","status-publish","format-standard","hentry","category-sicherheit","tag-sicherheit"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/234269","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=234269"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/234269\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=234269"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=234269"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=234269"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}