REDDIT HACK: Reddit moderators of popular subreddits were compromised this morning.

Major Reddit moderator accounts have been compromised, leading to the defamation of subreddits such as r/space, r/nfl, r/blackmirror and others. The hackers have left messages on some of the boards, such as /r/bostonceltics showing the following:

This occurred after the online malicious users took over a moderators account. This reddit account had special permissions to take over the entire subreddit and rebrand it with the Trump propaganda message.

Here is an example from r/space’s page:

Here is another from r/Bar_Prep, a popular subreddit for people studying the Bar, where the mods had some time to clean up:

Another from r/blackmirror:

The full list of subreddits that were compromised are shown below:

• r/3amjokes

• r/ANGEL

• r/Animemes

• r/awwducational

• r/bertstrips

• r/blackmirror

• r/blackpeopletwitter

• r/buffy

• r/CFB

• r/comedyheaven (currently private)

• r/CrewsCrew

• r/Dallas

• r/DestinyTheGame

• r/DeTrashed

• r/Disneyland

• r/dndmemes

• r/EDM

• r/food

• r/freefolk

• r/gamemusic

• r/gorillaz

• r/hentaimemes

• r/iss

• r/Japan

• r/Naruto

• r/nfl

• r/podcasts

• r/politicaldiscussion

• r/rupaulsdragrace (HOW VERY DARE THEY)

• r/ShitAmericansSay

• r/ShitPostCrusaders

• r/space

• r/StartledCats

• r/subaru

• r/Supernatural

• r/Sweatypalms

• r/telescopes

• r/vancouver

• r/WeAreTheMusicMakers

• r/weddingplanning

Thanks to SubredditDrama for compiling a list of compromised subs, and for explaining what to do if your subreddit is compromised. Here is the information pulled from their site just in case that subreddit goes down:

Mini “how to fix your sub” guide:

• Go to the mod log. Filter by the mod’s username (if you haven’t removed them yet, do so now); this will just show if there’s extra stuff to unfuck like their links/comments/etc.

https://www.reddit.com/r/<subname>/about/log/?mod=<modname>

• Go to the stylesheet history. Revert it.

https://www.reddit.com/r/<subname>/wiki/revisions/config/stylesheet

Just look for the last revision before the fuckery, and click “revert here”.

• Go to the edit stylesheet page. Remove their uploaded trump fuckery. They uploaded 3 images: biden, trump, and C. Delete them.

https://www.reddit.com/r/<subname>/about/stylesheet/

Luckily they didn’t remove images on the RPDR sub so it was easy to revert to the old style.

• Go to the sidebar history. Revert it if they made changes.

https://www.reddit.com/r/<subname>/wiki/revisions/config/sidebar

• Go to the description history. Revert it if they made changes.

https://www.reddit.com/r/<subname>/wiki/revisions/config/description

• Go to the automoderator history. Revert it if they made changes.

https://www.reddit.com/r/<subname>/wiki/revisions/config/automoderator

• go to the submit_text history. Revert it if they made changes.

https://www.reddit.com/r/<subname>/wiki/revisions/config/submit_text

• they also f**d with new reddit. So go to https://new.reddit.com/r/<yoursub>/?styling=true. I don’t see a way to revert changes there, so I just hit “reset to defaults”

The fix for most of the subreddits was pretty simple, and most of these subreddits are already reverted back to their previous look in under 30 minutes.

Takeaway:

• Use randomly generated 32+ character passwords from popular password managers like Bitwarden. Ensure each password stored is completely different. Make sure that you select all checkboxes to get a good mix of uppercase, lowercase, numbers, and special characters mixed in.
  • 
• Enable 2-Factor Authentication. Download a 2FA app on your smartphone or mobile device like Aegis Authenticator. The app is free, open source, and has great features to back-up your keys offline and is password/pin protected.