
Forum Database Sold Online After Kodi Data Breach

 


Hackers have breached the Kodi Foundation's MyBB forum database, stealing user information such as email addresses and private messages, which were then offered for sale online.

Kodi is an open-source, cross-platform media player, organizer, and streaming suite. It includes several third-party options that let users access and stream content from a variety of sources and customize their experience to their personal preferences.

Several months ago, the Kodi Foundation published a statement revealing that it had been breached by hackers. This was after the organization's MyBB forum database, containing user information and private messages, was stolen and sold online. 

The threat actors abused the account to create backups of the databases, which they then downloaded and deleted. The database's nightly full backups were also downloaded, in addition to the existing data backups. A disablement request has now been sent to the account in question.

The non-profit organization developed the Kodi media center, a free and open-source entertainment hub and media player. According to a breach notice published on April 8, the Kodi Team learned of the unauthorized access after a data dump of its forum user base (MyBB) was offered for sale online.

The now-defunct Kodi forum had about 401,000 users who posted 3 million messages covering various topics, including video streaming, suggestions, support, sharing upcoming add-ons, and more. Hackers took over the forum database by accessing the admin interface with inactive staff credentials, according to a site statement on Saturday. 

In the aftermath of the breach, the developer has shut down the forum, which was home to over 3 million posts, and is working to perform a global password reset, as it is assumed that “all passwords are compromised” despite being stored in an encrypted format.

In an update published earlier today, Kodi's administrators informed the community that they are commissioning an updated forum server. The existing systems do not appear to have been compromised.

The forum will be redeployed using the latest MyBB version. This comes with a heavy workload required to incorporate custom functional changes and backport security fixes, so a delay of "several days" is to be expected. 

Kodi shares a list of exposed email addresses associated with forum accounts with the Have I Been Pwned data breach notification service.

Even though these passwords were hashed and salted, Kodi warns that all passwords should be viewed as compromised for the time being. It may be possible that service availability will be affected if the admin team plans a global password reset. 

According to Kodi's release, any sensitive information sent to other users through the user-to-user messaging system may have been compromised. If you used the same login and password on another website, you should follow that website's instructions for resetting or changing your password.

On February 15th, 2023, Amius claimed to have sold a database dump on a website under its brand. According to the database, there are 400,314 Kodi forum members, including "several IPTV resellers," listed in the database. 

There is no information regarding the database price as the seller accepted a private offer over Telegram. The Breached forum is one of the largest hacking and data leak forums. It has developed its reputation over the past few years for hosting, leaking, and selling breaches of companies, governments, and various other organizations. 

MyBB 1.6.6 Security Release Patches 14 Vulnerabilities

MyBB has released an updated version, MyBB 1.6.6, that fixes one major issue and 14 low risk vulnerabilities.

The Vulnerability Details:
  • Non Critical: Import a non-CSS stylesheet (Theme)
  • Low Risk: CSRF vulnerability on Admin CP logout (Issue #1769)
  • Low Risk: CSRF vulnerability when clearing a stored password (Issue #1824)
  • Low Risk: CSRF vulnerability when removing a buddy (Issue #1825)
  • Low Risk: CSRF vulnerability with Admin CP join requests (Issue #1834)
  • Low Risk: CSRF vulnerability in Group Promotions Enable/Disable
  • Low Risk: CSRF vulnerability in ACP Edit User (Avatar)
  • Low Risk: CSRF vulnerability with activating a user
  • Low Risk: XSS vulnerability when moving an event (Calendar)
  • Low Risk: XSS vulnerabilities in Akismet plugin
  • Low Risk: XSS vulnerabilities in Forum Subscriptions (User CP)
  • Low Risk: XSS vulnerability in Moderator Logs
  • Low Risk: XSS vulnerability in Edit Post
  • Low Risk: XSS vulnerability when editing Announcements

Download or upgrade:
http://blog.mybb.com/2012/02/10/mybb-1-6-6-security-release/