April 14, 2023Rabbi LakshmananData Breach / Cyber ​​Security

Kodi, an open source media player software provider, has confirmed a data breach after attackers stole the company’s MyBB forum database containing user data and private messages.

Additionally, an unknown attacker tried to sell data dump Consists of 400,635 Kodi users On the now-defunct BreachForums cybercrime marketplace.

“MyBB admin logs show that the account of a trusted but currently inactive member of the forums administration team was used to access the web-based MyBB admin console twice: on February 16th and It’s February 21st,” says Kodi Said in advisory.

The attackers then abused the account to create database backups, download them, and delete them. It also downloaded his existing nightly full backup of the database. The account in question is currently disabled.

The nightly backup includes all public forum posts, team forum posts, messages sent through user-to-user messaging systems, as well as forum usernames, email addresses used for notifications, encrypted (hashed and salted) contained user information such as passwords. MyBB software.

Kodi says it has no evidence that the attackers gained unauthorized access to the underlying servers hosting the MyBB software. Additionally, it highlights that the legitimate account holder did not perform any malicious actions in the management console, suggesting credential theft.

With due caution, the maintainer said work was underway to initiate a global password reset. Recommended.

upcoming webinars

Master the Art of Dark Web Intelligence Gathering

Learn the art of extracting threat intelligence from the dark web – join us for this expert-led webinar!

Save my seat!

Meanwhile, the company kodi forum It is also in the process of commissioning a new server, and this activity is expected to continue for “a few days.”

As an additional security measure, Kodi is tightening access to the MyBB admin console, revising administrator roles to limit privileges, and improving audit logs and backup processes.

Did you find this article interesting?Please follow us twitter and LinkedIn To read more exclusive content that we post.



Register now for our membership to gain access to our elite training program and fast forward your career today!


Subscribe my Newsletter for new blog posts, tips & new photos. Let's stay updated!

Security Blog

Blue Training Academy

Blue Training Academy was developed in 2018 as a educational and training facility for continuing education and certification courses. Blue Training Academy is an educational institution that allows for all sectors of the public and Criminal Justice field to gain ongoing training and education.

Copyright ©️ All rights reserved. | Blue Training Academy Blog