On Friday, a group of Wikipedia vandals replaced Donald Trump’s lead picture with an image of a penis, a vandalism successful enough that it was eventually picked up by Siri. But in the days since, the same page has been hit with a string of more sophisticated attacks determined to keep the penis vandalism in place in violation of Wikipedia standards.

At least five edits have been made to the Donald Trump page in the days since the initial attack, often disguising the penis picture a more innocuous file name like “64 year old 3.JPG.” Different penis images were used in each vandalism, possibly to circumvent file-fingerprinting techniques.

“I don’t know how many of these accounts the hacker has, but it’s a lot.”

The Trump page is currently under extended confirmed protection, which means it can only be edited by accounts older than 30 days which have made more than 500 edits. The system is meant to allow organic updates to a page while protecting it from vandals or bots, which presumably would not maintain an account for a full month for the sake of a single joke. Many of the attacks also affected Wikipedia’s main page, only the third main-page vandalism since 2016.

But this latest crop of penis vandals seems to have found a way around the edit lock. According to Wikipedia admin TheSandDoctor, the most recent penis-replacement edits were made using hacked accounts, using trusted editors to smuggle in vandalizing edits. At least one admin account was compromised as part of the attack.

Wikipedia offers two-factor protection for admin accounts, but many of the compromised accounts did not have it in place. Most of the editor accounts had been left inactive for months, making it likely that they would have been vulnerable to conventional account takeover techniques. Four accounts have been indefinitely blocked from editing as a result of the attack.

So far, editors are dealing with the issue through close scrutiny of any new edits to the page, and a new focus on account security. “I don’t know how many of these accounts the hacker has, but it’s a lot,” one administrator wrote on the page’s open edit forum. “I know it’s unusual/unheard of to lock an article like this, but if we have to, we have to.”