1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Kiwi Farms says it has been hacked and user details leaked

    From TechnologyDaily@1337:1/100 to All on Tue Sep 20 14:45:04 2022
    Kiwi Farms says it has been hacked and user details leaked

    Date:
    Tue, 20 Sep 2022 13:23:27 +0000

    Description:
    Controversial online forum was the victim of a sophisticated cyberattack.

    FULL STORY ======================================================================

    Controversial online forum Kiwi Farms has reportedly been hacked, with the user details of some accounts being leaked as a result.

    The site, which describes itself as a "community dedicated to discussing eccentric people who voluntarily make fools of themselves", has had an extremely muddied history since it was founded in 2013, being linked to at least three suicides and to the 2019 Christchurch Mosque shooting in New Zealand.

    Kiwi Farms has struggled to find support within the tech industry, with cloud hosting infrastructure companies Cloudflare and DDoS-Guardrecently choosing
    to stop providing their services to the site , causing it to become overrun
    by DDOS attacks. What actually happened?

    Joshua Moon, the defacto leader of the website said in a statement that "a
    bad actor was able to upload a webpage disguised as an audio file" to
    XenForo, using the .OPUS lossy audio coding format.

    ZenForo is a commercial Internet forum software package used to build forums such as Kiwi Farms

    According to Moon, the attacker was then "able to load this webpage (probably as an inline frame), causing random users to make automated requests and send their authentication cookies off-site, so that the attacker could use it to gain access to their account".

    Moon added; "Once they had access to the ACP, they attempted to download user data, and XenForo provides a way to export user lists with information that
    is precise: email, username, last activity, register date, user state (banned/unverified), post count, and if they are staff."

    However, the hackers requests "did not appear to go through because they requested too many records at once" according to the administrator.

    Moon admitted that his own admin account "was compromised through this mechanism". READ MORE:

    Plex confirms data hack, user details and passwords stolen

    Heroku confirms user details were stolen by hackers



    Our guide to the best endpoint protection

    Kiwi Farms' statement on the matter said all users should assume their passwords have been stolen

    In addition, users should assume that their email addresses have been leaked and they should also assume any IP they have used on their Kiwi Farms account in the last month has been leaked. Want to keep your organization safe and secure? Check out our guide to the best firewalls



    ======================================================================
    Link to news story: https://www.techradar.com/news/kiwi-farms-says-it-has-been-hacked-and-user-det ails-leaked/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)