Lead article image

Jason Reed

‘Well f*ck’: Kiwi Farms users freak after owner says site hacked, emails may leak

The scope of the breach is currently unknown.

 

Claire Goforth

Tech

Posted on Sep 19, 2022   Updated on Sep 19, 2022, 1:56 pm CDT

Trouble continues for the far-right message board Kiwi Farms. Over the weekend, the site posted a bleak notice that it’s been hacked, warning users to assume their data will leak.

Kiwi Farms faced a barrage of scrutiny in recent months over users targeting a transgender activist and popular Twitch streamer. The pressure campaign, first reported by the Daily Dot, led Cloudflare to drop the message board earlier this month.

Since then, Kiwi Farms has bounced from provider to provider in countries around the world.

Many anticipated that the site, which is notorious for facilitating doxing and swatting, would eventually be hacked.

Kiwi Farms now says these predictions have come true. As of Monday, a static page on the site alerts users that it’s been hacked and warns them to assume that their passwords have been stolen and emails and IP addresses leaked.

In Body Image
Static landing page on Kiwi Farms as of Monday. Kiwi Farms

The warning signed by Kiwi Farms owner Josh Moon states, “I do not know for sure if any user information was leaked. In my access logs, they attempted to download all user records at once. This caused an error and no output was returned.”

Elaborating, Moon claimed that Kiwi Farms’ offshore hosting provider was compromised. He wrote that the person or persons responsible accessed an unknown number of user accounts, including his admin account.

He attempted to reassure subscribers that their emails, usernames, recent activity, posts, and other data probably are safe, however, because the infiltrator requested too much data at once.

However, he admitted, “It’s impossible to say if they acquired user data through other means, but I did not see any other attempt to complete this transaction or otherwise scrape user data.”

Moon said that he’ll have to reformat and reinstall the entire site before it can be restored. “I need to completely evaluate my security from the top down,” he added.

On Monday, Moon posted an update claiming to have found the source of the attack, though not the identity of the alleged attacker(s).

Kiwi Farms verified the breach in a post on its Telegram channel. It said that it occurred on Saturday and added that whoever was behind it changed everyone’s avatars to logos from another site the following day. It declined to name which site that was.

People quickly began speculating about what Kiwi Farms’ data will reveal in the event that it leaks.

“I wonder how many politicians, TERFs, and cops are signed up?” @EliErlick tweeted.

On Monday, an unverified report surfaced that someone posted and quickly deleted a sample of the data. Twitter user @DropKiwifarms acknowledged that the data could’ve “been spam or fake.”

Some were reassured by Moon’s confidence that none of the data was lost. But overall the mood in the Kiwi Farms Telegram chat was a mix of panic, anger, and dismay.

“How does this shit just keep escalating in spite of everything?” wrote one. “What the fuck is going on?”

“Well fuck,” said another.

Share this article
*First Published: Sep 19, 2022, 1:55 pm CDT