Knowlesys

Kodi confirms data breach

Kodi, a provider of open source media player software, has confirmed a data breach after threat actors stole the company's MyBB forum database containing user data and private messages.

More importantly, unknown threat actors attempted to sell a data dump containing 400,635 Kodi users on the now-defunct BreachForums cybercrime marketplace.

"MyBB admin logs show the account of a trusted but currently inactive member of the forum admin team was used to access the web-based MyBB admin console twice: on 16 February and again on 21 February," Kodi said in an advisory.

The threat actor then misused the account to create backups of the database, then downloaded and deleted those backups. Existing nightly full backups of the database were also downloaded. The account in question has now been deactivated.

Each nightly backup contains all public forum posts, team forum posts, messages sent via the user-to-user messaging system, and user information such as forum usernames, email addresses used for notifications, and encrypted (hashed and salted) passwords generated by the MyBB software.

Kodi stated that there is no evidence that the threat actors managed to gain unauthorized access to the underlying servers hosting the MyBB software. It further emphasized that the legitimate account owner did not perform malicious actions on the management console, which suggests credential theft.

Out of an abundance of caution, the maintenance staff indicated that work is underway to initiate a global password reset. If the same password is used, users are advised to change it on another site.

In the meantime, the company shut down its Kodi forums, noting that it was debugging new servers and that the activity was expected to last " several days. It also plans to redeploy the forums on the latest version of its MyBB software.

As an additional security measure, Kodi is enhancing access to the MyBB administration console, modifying administrator roles to limit permissions, and improving audit logging and backup processes.



銆怤etwork Security銆戔棌9 popular malicious Chrome extensions
銆怰esources銆戔棌The Achilles heel of AI startups: no shortage of money, but a lack of training data
【Artificial Intelligence】●Advanced tips for using ChatGPT-4
銆怰esources銆戔棌The 27 most popular AI Tools in 2023
【Web Intelligence Monitoring】●Advantages of open source intelligence
【Open Source Intelligence】●10 core professional competencies for intelligence analysts
銆怤ews銆戔棌Access control giant hit by ransom attack, NATO, Alibaba, Thales and others affected
銆怬pen Source Intelligence銆戔棌5 Hacking Forums Accessible by Web Browsers