Kiwi Farms says it was hacked and user details leaked

The controversial Kiwi Farms online forum has reportedly been hacked, leaking user information from some accounts.

The site, which describes itself as a "community dedicated to discussing quirky people who deliberately make fools of themselves," has had an extremely murky history since its inception in 2013, being linked to at least three suicides and the 2019 Christchurch mosque shooting in New Zealand.

Kiwi Farms has struggled to find support within the tech industry, with cloud hosting infrastructure companies Cloudflare and DDoS-Guard recently opting out of providing their services to the site, causing it to become inundated with DDoS attacks.

What really happened?

Joshua Moon, the de facto leader of the website, said in a statement that "a bad actor was able to upload a web page disguised as an audio file" to XenForo, using the lossy audio encoding format .OPUS.

XenForo is a commercial internet forum software package used to create forums like Kiwi Farms.

According to Moon, the attacker "was able to load this web page (probably as an inline frame), causing random users to make automated requests and send their authentication cookies off-site, so the attacker could use them to access their account".

Moon added: "Once they gained access to the ACP, they tried to download user data and XenForo offers a way to export user lists with specific information: email, username, last activity, registration date, user status (banned/unbanned, verified), post count, and whether they are personal."

However, the hackers' requests "did not appear to be successful as they requested too many records at once," according to the administrator.

Moon admitted that his own administrator account "was compromised by this mechanism."
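The upload described above relied on a file being accepted as audio while actually containing a web page. The following is an added example, not code from XenForo or from Kiwi Farms, of a server-side check that accepts a `.opus` upload only if its bytes form an Ogg page carrying an `OpusHead` header, together with response headers that keep a browser from rendering an upload as a page. The function names, the sample bytes and the choice to serve uploads as attachments are assumptions made for the illustration.

```python
import struct

def looks_like_opus(data: bytes) -> bool:
    """True only if data starts with an Ogg page whose first packet is an OpusHead header."""
    if len(data) < 28 or data[:4] != b"OggS":
        return False                      # missing Ogg capture pattern
    if data[4] != 0 or not data[5] & 0x02:
        return False                      # wrong stream version, or not a beginning-of-stream page
    n_segments = data[26]
    table = data[27:27 + n_segments]
    if len(table) != n_segments:
        return False                      # truncated segment table
    start = 27 + n_segments
    payload = data[start:start + sum(table)]
    # RFC 7845 identification header: 8-byte magic plus 11 bytes of fixed fields.
    return len(payload) >= 19 and payload.startswith(b"OpusHead")

def check_upload(filename: str, data: bytes):
    """Return (accepted, reason) for a file claiming to be .opus audio."""
    if not filename.lower().endswith(".opus"):
        return False, "not an .opus upload"
    if not looks_like_opus(data):
        return False, "content is not an Ogg Opus stream"
    return True, "ok"

def attachment_headers(filename: str) -> dict:
    """Response headers that stop a browser from sniffing or rendering an upload as HTML."""
    safe_name = "".join(c for c in filename if c.isalnum() or c in "._-")
    return {
        "Content-Type": "audio/ogg",
        "X-Content-Type-Options": "nosniff",
        "Content-Disposition": f'attachment; filename="{safe_name}"',
        "Content-Security-Policy": "sandbox; default-src 'none'",
    }

# Constructed samples: a minimal Ogg Opus first page (CRC left at zero, not checked here)
# and an HTML document renamed to .opus.
SAMPLE_OPUS = (b"OggS" + b"\x00\x02" + struct.pack("<qIII", 0, 1, 0, 0) + bytes([1, 19])
               + b"OpusHead" + struct.pack("<BBHIhB", 1, 2, 312, 48000, 0, 0))
SAMPLE_HTML = b"<!doctype html><html><body><script>/* constructed */</script></body></html>"

if __name__ == "__main__":
    for name, blob in [("clip.opus", SAMPLE_OPUS), ("clip.opus", SAMPLE_HTML)]:
        print(name, check_upload(name, blob))
```

A header check alone does not rule out a file that is valid audio and also contains markup, which is why the serving headers are applied regardless of the validation result.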

Kiwi Farms' statement on this says that all users should assume their passwords have been stolen.

Additionally, users should assume that their email addresses have been leaked and they should also assume that any IP address they have used on their Kiwi Farms account in the last month has been leaked.