Anatomy of a Domain Hijacking, part 2: The Website Who Came In From The Cold

When was taken I swore a solemn oath to myself:

My relentless campaign of jokes and nonsense will not be stopped.

And now, just a couple of long weeks later, here I am, happy to report I'm back in control of

Right when I was ready to migrate over to, I got an email from the Russian registrar, Regtime Ltd, saying:

Sorry  for answer delay. Domain was transferred onto you account.

The number one thing, I think, that helped get the site back was when a good friend, Madina, translated a lengthy email into fluent Russian for me to send to the Russian Registrar.

She re-structured the email to put the sob-story up front, all about how much personal meaning this site has for me, and the positive effects it has had on my life. I think that did the trick.

So what did we learn?

I learnt that passwords at google can be brute forced, if pop is enabled. This can be sped up by use of multiple IP addresses, or a botnet.

That's the most likely way they got access to my account. My password was 'good' by gmail standards but is now 'freaking solid' by any standard.

And I've turned on 2-step verification, plus all the other recommendations from part 1.

Thanks for the encouragement and support. It was dark times, but now the nonsense can continue.


I'm currently writing a book about how to build your first product. If you want to build your first product, please sign up to be notified when the book is available.

(By the way, I read every comment and often respond.)

Your comment, please?

Your Name
Your Url (optional)
Note: I may edit, reuse or delete your comment. Don't be mean.