Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Privacy Security

Kiwi Farms Breached; Assume Passwords, Emails, IP Addresses Have Leaked (arstechnica.com) 76

ArsTechnica reports: The head of Kiwi Farms said the site experienced a breach that allowed hackers to access his administrator account and possibly the accounts of all other users. On the site, creator Joshua Moon wrote: "The forum was hacked. You should assume the following. Assume your password for the Kiwi Farms has been stolen. Assume your email has been leaked. Assume any IP you've used on your Kiwi Farms account in the last month has been leaked."

Moon said that the unknown individual or individuals behind the hack gained access to his admin account by using a technique known as session hijacking, in which an attacker obtains the authentication cookies a site sets after an account holder enters valid credentials and successfully completes any two-factor authentication requirements. The session hijacking was made possible after uploading malicious content to XenForo, a site Kiwi Farms uses to power its user forums.

This discussion has been archived. No new comments can be posted.

Kiwi Farms Breached; Assume Passwords, Emails, IP Addresses Have Leaked

Comments Filter:
  • I guess I'm not geeky enough to know why I should care about this site.
  • "the Internet forum best known for organizing harassment campaigns against trans and non-binary people" Karma's a bitch. https://en.wikipedia.org/wiki/... [wikipedia.org]
    • by AmazingRuss ( 555076 ) on Monday September 19, 2022 @02:21PM (#62895557)
      So where do we go to organize harassment campaigns against the people in the leaked data?
    • Re: (Score:1, Flamebait)

      by pete6677 ( 681676 )

      Bull fucking shit. They only "harass" those troons that throw themselves at children.

      Fuck groomers. They deserve to be exposed and deplatformed.

  • I'm not a Kiwi farmer (don't even have any Kiwi bushes in my garden), so I guess this does not apply to me?
    • But do you farm New Zealanders? It would apply then.

      (I have no idea what the fuck "Kiwi Farms" is, and the "editor" who posted the summary couldn't be fucked to tell us, and I can't be fucked to go look)

      • by rossdee ( 243626 )

        Did you know that the Kiwifruit was originally called the Chinese Gooseberry/
        and they are grown in orchards, not farms.
        The Kiwi is a nocturnal flightless bird, almost extinct. and only found in captivity or in a couple of small islands that have been cleared of predators like cats or weasels.

        Of course it was doing ok before humans came to NZ bringing said predators.

  • I am not going to celebrate any hack, but I will say it couldn't have happened to a nicer bunch of people. I'm sure whoever did this will take good care of their information and treat the members of the forum as nicely as they have everyone else.

  • by King_TJ ( 85913 )

    Wired, which just recently published this article about the whole Kiwi Farms thing:

    https://www.wired.com/story/ke... [wired.com]

    Sounds to me like their site's days were numbered regardless of this hack, if they upset people enough that even Cloudflare agreed to block them.

    • by Anonymous Coward

      Maybe, just because a lot of people have a hateboner for them, just as they have in return, but it looks like some of the stuff that went on may have been staged. You can see their side of things here [t.me].

    • by jwhyche ( 6192 )

      Doesn't Cloudflare host that outstanding site Stormfront? I would have find it hard to believe that would continue to host these bunch of wonderful people while giving a bunch of poor kiwi farmers the boot.

      Yes, I'm being facetious.

      For those out of the loop, Stormfront is a lame ass white surpremest site featuring a bunch of knuckle dragging racists. I've never been to kiwi farms but if what they where doing over there was so bad that Cloudflare gave them to boot while keeping stormfront around, it mu

  • by Lohrno ( 670867 ) on Monday September 19, 2022 @02:04PM (#62895517)

    Oh no. That's terrible. What a shame.

  • by CAIMLAS ( 41445 ) on Monday September 19, 2022 @02:10PM (#62895533)

    So I'm guessing there are a couple departments at the FBI where people will be moving and changing their names?

    • by AmiMoJo ( 196126 )

      You would hope that the FBI was monitoring posts on that forum as a matter of routine, but it appears not.

      So far the only prosecution has been by German authorities, and they had the evidence handed to them. It's only a prosecution for trolling too, not murder.

  • Anyways...

  • 3 out of first 5 replies don't know what the fark this story is about.

    Because the "Editor" either does not know their audience.

    Or doesn't want to do their job.

    Or does not give a shit.
  • Those who live by the sword, die by the sword.

    Those who live by the dox, die by the dox.

  • A solution that would make this kind of thing more difficult would be to tie the session to an IP address, or possibly even device ID for mobiles. It wouldn't protect against this kind of thing happening, but it would require another level for the hacker to spoof these values when using the session token...

    With only IP address verification, mobile users would have to re-login when they transitioned from wifi to cell and back, but for administrative accounts like his, this would be a small price to pay to pr

  • Trying to imagine why they were allowing iframe embeds of uploaded files.
  • Blocked and Reported podcast just did a two-part series on the Kiwi Farms / Keffals incidents that were in the news lately. It's a complicated saga involving some weird characters. There's a lot more detail to it than what was reported in the major news media. Here's part 1:

    https://www.blockedandreported.org/p/episode-131-who-is-stalking-the-twitch#details [blockedandreported.org]

  • by rsilvergun ( 571051 ) on Monday September 19, 2022 @03:05PM (#62895701)
    this site was a haven for the absolute worst of the Internet. If you got kicked off 4chan, went to 8chan, and then got kicked off 8chan you went here.

    First and foremost the site is fully of overt white supremacists. Many of who would like to keep that on the down low.

    But it's also where you went to commit crimes. Lots of them. Swattings, Doxxing, cyber stalking and IRL stalking. You name it.

    If this data makes it's way into law enforcement's hands a whole lot of people are gonna get a visit from your friendly neighborhood policemen. Which is ironic since publicly these are all "back the blue" types.
    • First and foremost the site is fully of overt white supremacists. [...] gonna get a visit from your friendly neighborhood policemen.

      Why, are they planning on having a BBQ? The police bend over backwards to protect white supremacists. There's not going to be any fallout from this beyond a few very liberal district attorneys shaking a finger at these guys, and the cops predictably shrugging over it.

  • That is all.
  • is the dump?
  • Give them a taste of their own medicine.
  • And that's why you should never hotlink third-party domains on your website.

Keep up the good work! But please don't ask me to help.

Working...