Friday, March 1, 2024

Kodi Hacked – Attackers Stole the Forum Database

The Kodi Foundation learned that a dump of the Kodi user forum, MyBB software, was being sold on online forums.

Kodi is a multi-platform, open-source media player, manager, and streaming suite. It supports a wide range of third-party add-ons, which give users access to content from numerous sources and let them personalize their viewing.

A total of 3 million posts were made on the Kodi forum by its 401,000 users, who used it to talk about media streaming, share new add-ons, offer help, and more.

Attackers Stole the Forum Database by Logging into the Admin Console

Reports say MyBB admin logs reveal that on February 16 and February 21, the web-based MyBB admin console was accessed using the account of a reliable but presently inactive member of the forum admin team.

Database backups were made using the account, downloaded, and then removed. It also downloaded the database’s existing nightly full backups. The account owner indicated they did not perform these operations using the admin console.

The admin team disabled the compromised account after this incident and started to investigate.

“The nightly full backups that were downloaded expose all public forum posts, all team forum posts, all messages sent through the user-to-user messaging system, and user data including forum username, email address used for notifications, and an encrypted (hashed and salted) password generated by the MyBB (v1.8.27) software”, according to Kodi Forum Data Breach Notification.

Kodi has not yet discovered proof of unauthorized access to the MyBB software server.

Kodi cautions that even if the passwords were hashed and salted, they should all now be regarded as compromised. The admin team is planning a global password reset that may unavoidably affect service availability.

“Users must assume their Kodi forum credentials and any private data shared with other users through the user-to-user messaging system is compromised,” suggest Kodi.

“If you have used the same username and password on any other site, you should follow the password reset/change procedure for that site.”

Setting Up a New Forum Server

The administrators of Kodi told the community earlier today that they are setting up a new forum server even though they have not detected any indications of intrusion on the current ones.

With the most recent MyBB release, the forum will be relaunched. A delay of several days is expected because there is a lot of work to backport security fixes and incorporate customized functional modifications.

Also, Kodi is adopting the uncommon step of providing the Have I Been Pwned data breach reporting service with a list of exposed email addresses linked to forum accounts.

Subscribers of the Have I Been Pwned service will be notified if their email address was among the exposed data once this data has been placed into HIBP. If you don’t subscribe to HIBP, you may still input your email address to view a list of all data breaches that include it.

“The admin team would like to conduct formal penetration testing once the forum and other services are back online,” Kodi said.

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus

Related Read:


Latest articles

Golden Corral restaurant chain Hacked: 180,000+ Users’ Data Stolen

The Golden Corral Corporation, a popular American restaurant chain, has suffered a significant data...

CISA Warns Of Hackers Exploiting Multiple Flaws In Ivanti VPN

Threat actors target and abuse VPN flaws because VPNs are often used to secure...

BEAST AI Jailbreak Language Models Within 1 Minute With High Accuracy

Malicious hackers sometimes jailbreak language models (LMs) to exploit bugs in the systems so...

Hackers Hijack Anycubic 3D Printers to Display Warning Messages

Anycubic 3D printer owners have been caught off guard by a series of unauthorized...

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

Stellar Cyber, the innovator of Open XDR, today announced that RSM US – the leading provider...

Biden Crack Down Sale of Americans’ Personal Data to China & Russia

To safeguard the privacy and security of American citizens, President Joe Biden has issued...

Kali Linux 2024.1 Released – What’s New

Kali Linux recently released version 2024.1, the first release of the year 2024, with...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Live Account Takeover Attack Simulation

Live Account Take Over Attack

Live Webinar on How do hackers bypass 2FA ,Detecting ATO attacks, A demo of credential stuffing, brute force and session jacking-based ATO attacks, Identifying attacks with behaviour-based analysis and Building custom protection for applications and APIs.

Related Articles