Yet another ostentatious display of privilege from someone who certainly won’t be cancelled for it

My business is that of cybersecurity. I’ve worked with Fortune 500 ranked companies, small businesses, political candidates, and nonprofits to improve their information security programs and keep their organizations safe.

In my industry, white hat hackers work tirelessly to keep the world safe from the consequences of potentially disastrous vulnerabilities in computer systems and code. Our world is one of adversaries, threat intelligence, forensics, and policy and legal work —

So I’m sure you can imagine my surprise as I clicked through to Vanity Fair’s latest video interview with award-winning musical artist (and two-time Elon Musk baby mama) Grimes in which she admits to blackmailing, extorting, and hacking a media opponent — a blogger.

Don’t believe me?

Watch the following clip from the longer video for yourself:

youtube.com

An interview with Grimes is Vanity Fair’s cover story for their April 22 issue, and their interviews often include a video component. Captions are available on the above clip, and here’s a transcript. The topic of my post today isn’t mentioned in the written piece, as it appears to be an off-the-cuff response to a photograph selected by producers which may or may not have been okayed ahead of filming by Grimes herself.

So the story goes:

A well-known and pseudonymous blogger, “Carles”, who ran a popular indie music blog called Hipster Runoff (popularly referred to as “HRO”), published a post in early 2012 which was unflattering to Grimes, among others he had previously posted. She didn’t like this, so in March 2012 Grimes enlisted a friend in the video game industry to send a Distributed Denial of Service attack (a type of attack intended to knock someone’s systems offline) aimed at this blogger’s website. She implies her friend who was employed at the video game company used his access to the company’s systems to perform this attack. The video appears to be edited as she is making this statement.

I was able to find an interview written by Motherboard which describes the attack from the blogger’s perspective, which sounds quite a bit more involved. The author of the piece, who eventually went on to become VICE’s Editor in Chief, wrote that the site’s backups had also been destroyed and its server crashed, which implies a bad actor or actors gained access to his system(s) through a strategic, malicious hack, which would be far more involved than simply sending large amounts of traffic to cause a DDoS attack.

Here are several relevant excerpts from that interview:

Clues about the hack…

Notably, the site owner mentions a migration to Drupal in 2009, which may have been the point of entry. In its early years, Drupal was plagued with security vulnerabilities, and if it had been installed in 2009 with potentially no updates since as indicated by the site owner, the server could have been vulnerable to a particularly nasty vulnerability called CVE-2008–6171 which could have enabled this type of hack.

Speculation aside, this disruption actually appears to have ended the blog, which was not able to restore from backups and subsequently placed up for sale in 2015.

The internet publication Stereogum wrote:

The site was then sold for $21K, and that was the end of that. VICE published a follow-up in 2015, and the blogger himself published an angry screed that didn’t even mention the hack, lending further credence to the possibility that he may have actually been blackmailed.

Was there blackmail?

Once an avid writer about Grimes, with titles such as, “Ohio school shooting teen TJ Lane listened to Grimes. Has fringe indie become the sound of teen angst?”, “Grimes acts like insane woman in new video. Does she look HOT, KRAZIE, or BOTH?”, and “Is Grimes the next BIG Indie Diva, or an overhyped product of the Corrupt Indie Machine?”, the site stopped posting anything about her between April 2012 and October 2013.

There was only one post mentioning her after the hack, and only in the mildest of contexts; an unusual about-face for a blog which once referred to Grimes as “some girl from Canada who dropped out of McGill University bc she was too free spirited 4 classes. Her music sounds like a baby voice goo goo gaa gaa-ing over some bleep bloop music”.

As for Grimes?

It is clear she knows this was wrong by the wording she uses in her Vanity Fair video interview. At 0m20s, she says she was:

“[…] trying to be, like, all integrity, and you know, start my career, and it was like ‘Grimes Gone Wild’ or something and it was just, this, like, super wack, like, mean story, and it was like this meme which was going all over the internet”, which I take to mean she was attempting to protect her integrity as a new artist, and the photograph taken of her and a friend at a party, which had been published by Hipster Runoff, was unflattering to her image.

About that image…

I was able to track the series of photographs themselves, some a bit racier than the one shown above, to LastNightsParty.com, a now-defunct site run by a Montreal-based musician and nightlife photographer. Montreal was the city in which Grimes lived in early 2012. This GIF I located on Tumblr which contains several of the images was copyrighted by that site/photographer.

So when Grimes starts out by saying, “Like I was just at a party with my friends. Someone took this photo and it got leaked to this website called Hipster Runoff”, I suspect she knew that the photos had not been leaked, but likely published openly on this NYC party scene website which had been quite popular for a decade and for which there is a glossy published hardcover coffee table book. I’m sure some enterprising young person with a lot of time can find the full set on archive.org. It seems like a misrepresentation to imply this was a private photo for which the blogger was deserving of retribution for publishing.

She continues to say her friend who “worked for, I will not say which video game, had access to… okay, well, I don’t want to get him in trouble. But anyway, we were actually able to DDoS Hipster Runoff and um, basically blackmail them, we were like, and like, we’re not gonna let you put your site back up until you take the story down. And he did in fact take the story down. And it was like my coolest hacker moment.”

A decade later, unfazed by time and experience, Grimes remains convinced this was a triumphant moment for her, and not an ethical lapse for which she should feel ashamed. For someone who can’t stop ranting about “wokeness” and “cancellation”, Grimes doesn’t seem concerned about any actual risk associated with admitting crimes to a major magazine, despite the fact that Canada does not have a statute of limitations on cybercrime.

Thanks for reading!