Multiple Reddit moderator accounts have been compromised and abused to post pro-Trump messages on a variety of subreddits.
The hackers appear to have targeted moderator accounts that did not have two-factor authentication (2FA) enabled, and leveraged their rights to modify subreddits or even remove moderator accounts that had fewer rights.
“There is an ongoing incident with moderator accounts being compromised and used to vandalize subreddits. We’re working on locking down the bad actors and reverting the changes,” a Reddit administrator revealed.
The online platform worked over the weekend on addressing the issue and restoring moderator access, but shared little technical details on the incident, except for the fact that none of the hacked accounts had 2FA enabled.
“We have officially confirmed that none of the accounts that were compromised had 2fa enabled at the time of the compromise. 2fa is not a guarantee of account safety in general, but it’s still an important step to take to keep your account more secure,” the Reddit admin said.
The online platform has already started providing affected users with access to their accounts, as well as notifying the impacted communities of the issue. Further details on the security incident will be provided in a future post, Reddit said.
At least one of the impacted moderators has shared information on the actions the attackers performed during the incident, revealing that automation was used to modify subreddits en-masse.
“Even one of the subs I’m just an in-active mod, it changed all their stuff and deleted those below me in the mod list,” the moderator reveals.
The attackers posted messages that contained Chinese characters and which encouraged users to vote for Trump in the 2020 presidential elections in the United States.
While resolving the security incident, Reddit urged moderators to adopt 2FA to prevent similar attacks from happening. One administrator even noted that 2FA might become a requirement for moderator accounts.
Related: Reddit Locks Down Accounts Due to ‘Security Concern’
Related: Attackers Circumvent Two Factor Authentication Protections to Hack Reddit
Related: How the FBI Identified Twitter Hackers