The operators of a site known to most observers for being in a recent state of flux have announced a forum breach. Kiwi Farms, which gained a reputation for sophisticated trolling and doxxing, was recently dropped by Cloudflare after a sustained campaign to have the DDoS mitigation and cloud hosting service abandon the forum.
The site has since returned, but with a major problem: a breach which potentially reveals a large amount of user data.
The breach revealed
The site creator had the following to say in relation to the compromise:
The forum was hacked. You should assume the following.
Assume your password for the Kiwi Farms has been stolen.
Assume your email has been leaked.
Assume any IP you've used on your Kiwi Farms account in the last month has been leaked.
The attack made use of the synergy between the main forum site and a second site, XenForo. The latter is a commercial internet forum software package written in PHP. Attackers created a webpage disguised as an audio file and passed it to XenForo, then loaded this page elsewhere in a manner which caused user authentication cookies to be sent off-site. The main admin account for the forum was apparently hijacked in this same fashion.
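A defensive check for the disguised-file trick described above, as an added example (not code from XenForo or the forum): it rejects a claimed audio upload whose bytes do not match an audio signature or that carries HTML markup, and builds response headers that keep a browser from rendering a stored upload as a page. The function names, the signature table and the sample bytes are assumptions constructed for illustration.

```python
import re

# Leading magic bytes for a few audio containers (assumed allowlist).
AUDIO_MAGIC = {
    ".ogg": [b"OggS"], ".opus": [b"OggS"], ".flac": [b"fLaC"],
    ".mp3": [b"ID3", b"\xff\xfb", b"\xff\xf3", b"\xff\xf2"],
    ".wav": [b"RIFF"],
}
# Markup a browser would act on if it treated the body as HTML.
HTML_HINT = re.compile(
    rb"<\s*(!doctype|html|head|body|script|iframe|img|svg|meta)\b", re.I)

def check_audio_upload(filename: str, data: bytes) -> tuple[bool, str]:
    """Return (accepted, reason) for a file that claims to be audio."""
    ext = "." + filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    magics = AUDIO_MAGIC.get(ext)
    if magics is None:
        return False, "extension not on the audio allowlist"
    if not any(data.startswith(m) for m in magics):
        return False, "content does not start with the signature for " + ext
    if ext == ".wav" and data[8:12] != b"WAVE":
        return False, "RIFF container is not WAVE"
    # A valid header does not rule out a polyglot; look for markup as well.
    if HTML_HINT.search(data[:4096]):
        return False, "HTML markup found near the start of the file"
    return True, "ok"

def download_headers(filename: str, data: bytes) -> dict[str, str]:
    """Headers that serve a stored upload as a download, never as a page."""
    safe_name = re.sub(r"[^A-Za-z0-9._-]", "_", filename)
    return {
        "Content-Type": "application/octet-stream",
        "X-Content-Type-Options": "nosniff",  # no MIME sniffing
        "Content-Disposition": f'attachment; filename="{safe_name}"',
        "Content-Security-Policy": "sandbox; default-src 'none'",
        "Content-Length": str(len(data)),
    }

# Constructed samples, not taken from the incident.
FAKE_AUDIO = b"<html><body><script>/* placeholder */</script></body></html>"
POLYGLOT = b"OggS\x00\x02" + b"\x00" * 20 + b"<script>/* placeholder */</script>"
REAL_OGG = b"OggS\x00\x02" + b"\x00" * 20 + b"\x01\x13OpusHead" + b"\x00" * 32

if __name__ == "__main__":
    for name, blob in [("a.opus", FAKE_AUDIO), ("b.opus", POLYGLOT), ("c.opus", REAL_OGG)]:
        print(name, check_audio_upload(name, blob))
```

The markup scan can reject a genuine audio file whose metadata happens to contain a tag-like string, so the download headers are the control to rely on when uploads must be accepted liberally.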
Main admin needs to retake admin class