Hate Site Hacked — Kiwi Farms is ‘Very, Very Owned’

Kiwi Farms, the notorious web forum for harassing feminists, the neurodivergent and LGBTQ+ people, has itself suffered the ultimate harassment. Its services were secretly infected for weeks by an injected script that exfiltrated data about its users.

And now the site is down—hackers nuked its database. Site founder, Joshua “Null” Moon, is unrepentant for the forum’s goal to drive victims to suicide.

AWS Builder Community Hub

Next we expect leaks of user details. In today’s SB Blogwatch, we get slapped in the face with the irony fish.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Bovine CFD.

Doxxers Doxxed — Swatters Swatted?

What’s the craic? Kris Holt reports—“Kiwi Farms says someone hacked its website”:

Significant increase in targeted threats
Founder Joshua Moon told users to assume that their email and password information has been obtained, as well as the IP address of any device they’ve used to access Kiwi Farms in the last month. … Moon said they accessed his admin account [and] used an injected script to gather data.

Earlier this month, Kiwi Farms was effectively forced off of the open web following an effort to take down the forum. … Cloudflare, a DDoS protection company, kicked Kiwi Farms off its service due to a significant increase in targeted threats originating on the site. … Some Kiwi Farms users are turning on Moon over the incident.

Kiwi Farms? Remind me. Josh Taylor does his best—“Kicking Kiwi Farms off the internet”:

A lot of revolting content
An internet forum known for its active targeting and harassment of trans people, Kiwi Farms has also been blamed for suicides after people were hounded offline – and sometimes out of their homes – by a firehose of vitriol coordinated and directed from the site. … As the #dropkiwifarms hashtag trended, Cloudflare’s social accounts were inundated. The company initially tried to deflect responsibility.

But in early September, Cloudflare ultimately backed down. … Since Cloudflare dropped Kiwi Farms, the activists have been playing whack-a-mole to keep the site offline. … Last week, the roving spotlight landed on a new player called Diamwall. Open to the public for only a month, the Portugal-based content delivery network (CDN) provider … filters website traffic and blocks malicious requests.

It wasn’t long before Diamwall’s CEO, Hugo Carvalho, was explaining his decision to do the same: … “We started digging more and more [and] we found that Kiwi Farms hosts a lot of revolting content. … We really do not want to have anything to do with it.”

Who broke the story? Our old mate Kevin Beaumont—@GossiTheDog:

Very, very owned
Kiwi Farms’ proxy service and Kiwi Farms itself has been hacked. … Users might want to change their passwords and consider DMs etc may be compromised.

Joshua (the Admin) … appears to know technically what he’s doing. … He had two factor on his admin account it appears, but they stole his session cookie for the forum software via the front end HTTP proxy being owned.

There was … a script injected for a month on Kiwi Farms called Troonshine, gathering information and credentials from users. … They look very, very owned. … They might need to rebrand to Kiwi Leaks.

Schadenfreude much? But is it fair to wish harm on people who wish harm on people? iloving says yes:

Evil people never see themselves as evil, so appealing to basic decency is completely pointless. I hope [Joshua Moon] and everyone who uses that cesspool get nailed to the wall with every bit of brutality that they inflicted on others.

Turnabout is fair play? dirk seems to think so:

Well then. I am not going to celebrate any hack, but I will say it couldn’t have happened to a nicer bunch of people. I’m sure whoever did this will take good care of their information and treat the members of the forum as nicely as they have everyone else.

Dump in 3 … 2 … 1 …? philippejara is waiting:

Find it quite weird how there was no database dump yet, can’t see a reason to hold on to it. … Owner claims there was not much to leak due to good opsec from users after the 2019 leak so we’ll see.

Does this cloud have a silver lining? Trust FerociousLabRetriever to find it:

One of the only positives with all the depressing events going on right now is that ****ty people are identifying themselves for society, whether they realize it or not. … These people make it easy for us to know who they are.

As the saying goes, “Sunlight is the best disinfectant.” I can’t think of a better cure for someone who secretly doxxes people than having their identity leaked.

And it’s even more ironic than we thought. As rsilvergun points out:

If this data makes it’s way into law enforcement’s hands a whole lot of people are gonna get a visit from your friendly neighborhood policemen. Which is ironic since publicly these are all “back the blue” types.

This site was a haven for the absolute worst of the Internet. If you got kicked off 4chan, went to 8chan, and then got kicked off 8chan you went here. … The site is full of overt white supremacists. Many of whom would like to keep that on the down low. But it’s also where you went to commit crimes. … Swattings, doxxing, cyber stalking and IRL stalking. You name it.

Meanwhile, passivesmoking sarcastically channels Jeremy Clarkson:

Oh no! I hope nobody gets their online harassment activity on that site leaked to their employers! That’d be terrible!

And Finally:


Hat tip: evil_andy

Previously in And Finally

You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites … so you don’t have to. Hate mail may be directed to @RiCHi or [email protected]. Ask your doctor before reading. Your mileage may vary. Past performance is no guarantee of future results. Do not stare into laser with remaining eye. E&OE. 30.

Image sauce: Andre Hunter (via Unsplash; leveled and cropped)

Richi Jennings

Richi Jennings is a foolish independent industry analyst, editor, and content strategist. A former developer and marketer, he’s also written or edited for Computerworld, Microsoft, Cisco, Micro Focus, HashiCorp, Ferris Research, Osterman Research, Orthogonal Thinking, Native Trust, Elgan Media, Petri, Cyren, Agari, Webroot, HP, HPE, NetApp on Forbes and CIO.com. Bizarrely, his ridiculous work has even won awards from the American Society of Business Publication Editors, ABM/Jesse H. Neal, and B2B Magazine.

richi has 492 posts and counting.See all posts by richi