, a forum that has long been accused of fomenting online and real-world harassment campaigns, says someone hacked into its proxy service and website. What by cybersecurity researcher Kevin Beaumont, told users in a Telegram message that all avatars had been changed to another website’s logo (said to be another so-called “free speech” forum) and that ” each node in the forum index was removed one at a time.”
While Kiwi Farms apparently has backups and none of the forum data has been permanently deleted, users’ personal information may have been compromised. Founder Joshua Moon told users to assume their email and password information was obtained, as well as the IP address of any device they’ve used to access Kiwi Farms in the last month.
“I don’t know for sure if any user information was leaked. In my access logs, they tried to download all user logs at once,” Moon wrote in a statement on the Kiwi Farms website. “This caused an error and no output was returned. I turned everything off shortly after. If they pulled information through some other mechanism, I can’t say with confidence either way.”
The hacker is said to have used an injected script to collect data from users’ systems. Moon said his administrator account was accessed as a result of this method. Moon added that he would restore the site from backup, but noted that the process (as well as reviewing Kiwi Farms’ security procedures) would take some time. However, he noted today on Telegram that he had to take a week off to attend to a family emergency.
Earlier this month, Kiwi Farms was effectively following up on an effort to take down the forum. Streamer and political commentator Clara “Keffals” Sorrenti, a prominent target of a harassment campaign that allegedly stemmed from the website, started the movement to take down Kiwi Farms. While Moon was later able to bring the forum back online By other means.
Cloudflare, a DDoS protection company, due to a significant increase in targeted threats originating from the site. That seems to have played a role in this weekend’s hack. “Cloudflare not only provided DDoS protection, but also featured many popular exploits like this,” Moon wrote.
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are correct at time of publication.