- Millions of Fortnite accounts exposed via Epic Games website exploit 3 Years Ago
- A man found a camera in his Airbnb and the company didn’t seem to care 3 Years Ago
- A redditor planted an Easter egg in Hulu’s Fyre Fest doc 3 Years Ago
- This new revelation about Woody from ‘Toy Story’ will blow your mind Today 1:35 PM
- Dave Rubin fails to delete Patreon on livestream to delete Patreon Today 1:14 PM
- The ‘some of y’all… and it shows’ meme is taking over Twitter Today 12:24 PM
- ‘Star Trek: Discovery’ begins season 2 on a cheerful note Today 11:49 AM
- Climate change memes are disrupting the feel-good ’10 year challenge’ Today 11:48 AM
- Mysterious Washington Post parody predicts Trump’s resignation Today 11:42 AM
- YouTube cracks down on challenges, pranks Today 11:04 AM
- Upskirting will soon be illegal in England Today 10:45 AM
- Jake Paul calls Keemstar a ‘piece of trash’ for ‘body-shaming’ Erika Costell Today 10:18 AM
- Sprint promises to stop selling location data after outcry Today 9:53 AM
- Kirsten Gillibrand announces presidential bid—and Al Franken diehards are salty Today 9:49 AM
- How to watch ‘Married at First Sight’ online for free Today 9:43 AM
Largest Bernie Sanders community on Reddit briefly falls victim to hacker prank
The hackers say they support Donald Trump.
Two pranksters say they rendered the subreddit, r/SandersforPresident, unusable for four minutes on Sunday night. Their malicious modification to the community’s webpage caused it to devolve into a chaotic spiral of flashing neon.
Moderators rapidly shut down the stunt, but not before some in the community took notice.
“So, short answer: yes; long answer: yes,” Alex Stigler, one of the moderators of Sanders for President, said in an email confirming the breach, “but it was absolutely inconsequential. We’ve been waiting for and expecting such chicanery for a while.”
Sanders for President, which boasts more than 164,000 users, has become one of the independent Vermont senator’s central hubs of online activism. The volunteer community is responsible for helping drive large crowds to Sanders’ presidential campaign stops. Last week, the community raised more than $1 million for the Sanders campaign, and the moderators have instituted myriad tools to help get out the vote for Sanders.
The pranksters, who go by the names boots and Teridax, claimed responsibility for the hack in Twitter direct messages with the Daily Dot on Sunday evening. Boots said that they gained access to a moderator’s account by using a password that was included in the dump of a “particular online streaming service in 2013.” The attacker would not confirm the name of the service, only that “it’s a public dump that’s been on the open Internet since 2013.”
The hijacked moderator account gave the pair access to the subreddits’ CSS code—the underlying data that tells your browser how to display the webpage—into which they injected a modification that crashed the sites’ functionality while still leaving it accessible.
Boots provided screenshots of a moderator’s account and said they had control of an account that was added as a moderator. The name that appears in the screenshots was listed as a moderator of Sanders for President, but the account has since been deleted.
“I’m not sure I’d say that the subreddit was ‘hacked,’ but an account was compromised momentarily,” said Stigler, who also serves as a lead organizer at Grassroots for Sanders. “In that time, they were able to change the CSS such as to render the subreddit unusable; however, as we keep back-ups of everything, the changes were reversed in a matter of minutes.”
Stigler confirmed that Sanders for President mods notified Reddit administrators, who added “additional security measures … as a response.”
In a public post on Sanders for President, the moderators explained what happened.
“Yes, the CSS went haywire for a second. The problem has been fixed,” subreddit moderator writingtoss posted. “Don’t get distracted by trolls.”
Writingtoss later updated the post, confirming that “a moderator’s account was compromised and used to tamper with our CSS. It’s been resolved and proper measures have been taken. Don’t get distracted. 22 hours to Iowa.”
The code that was inserted into the CSS file, making the subreddit unreadable and unusable, came from the r/reubenmchawk subreddit, boots said, which looks like that on purpose.
Screengrab via r/SandersforPresident
Once named one of Forbes’ 20 Under 20 and hired as a staff writer for the Daily Dot when he was still a senior in high school, William Turton is a rising tech reporter focusing on information security, hacking culture, and politics. Since leaving the Daily Dot in April 2016, his work has appeared on Gizmodo, the Outline, and Vice News Tonight on HBO.