Blogger Behind Orange Politics Gets Hacked
Pictured: Site to which Orange Politics was re-directed
CHAPEL HILL – Ruby Sinreich is a local political activist and computer programmer who hosts the popular blog, Orange Politics. This week, she watched her entire virtual life get hacked, losing control of her email, twitter and even Orange Politics.
“My entire field is using the internet for work, organizing, and buildings communities,” Sinreich said.
Sinreich says the hacker used a tactic called “social engineering,” not just brute force technical hacking, but systematically gaining control of one domain after another.
“It gave them control over all of the domains that I own, which includes my personal email and Orange Politics,” Sinreich said. “But it wasn’t just those—it also included clients or employers in that past where if I registered a domain name for them, the hacker could then had access to all of those.”
The hacker changed her Twitter account to a different name and then created a new account using her original name. He next went to a hacker forum, attempting to sell her original name, @Ruby, for $80.
On top of that, the hacker re-directed the Orange Politics site to his own site—psycho.org—which displays a demonic picture on the homepage.
Twitter, and her main domain host, Dreamhost, refused to assist Sinreich after the hacking, as she couldn’t access those accounts or her email to verify herself as the user.
Sinreich has used Twitter for six years, gained about 3,000 followers, and was not willing to give her social-media clout up.
Finally, this past Tuesday, Sinreich got in control of the situation after hours of working backwards—proving that she was in fact the real Ruby Sinreich.
But she says there is a way to prevent the hacking using what called two-step authentication.
“I strongly recommend using two-step authentication whenever a server allows you to,” Sinreich said. “Also, you have to use a different password on every site because if a hacker gets into one site, you don’t want them using it on other sites.”
Sinreich documented the entire fiasco on her blog.