Kodi Rebuilds Forums After 400,000 User Breach

Saturday, 15 April 2023

Kodi, an open-source media player, has announced that it is rebuilding its user forum from scratch in the wake of a cyber attack that exposed the data of 400,000 of its forum users back in February.

The users' data was advertised on underground forums, including BreachForums, after the attacker compromised the account of an inactive administrator. The attacker then used this account to access the web-based MyBB portal and made off with two database backups, dated 16 February and 21 February.

"The nightly full backups that were downloaded expose all public forum posts, all team forum posts, all messages sent through the user-to-user messaging system, and user data including forum username, email address used for notifications, and an encrypted (hashed and salted) password generated by the MyBB (v1.8.27) software," Kodi said last week.

Although the stored passwords were reportedly hashed and salted, Kodi stated that users should consider the plaintext versions of their passwords compromised. The Kodi team is working on a global password reset, in addition to building an entirely new forum server.

"We have chosen to redeploy the forum on the latest version of MyBB software. This requires us to extract and review all differences between the latest MyBB release and the fork we maintain, which includes numerous functional changes and backported security fixes," Kodi announced earlier this week.

Kodi has shared a list of compromised email addresses with HaveIBeenPwned to help ensure that all of its customers are aware of the breach, and has promised to send email notifications to its forum users once the new server is up and running.

"The wiki is being moved to another server host. A review of the code files has been completed and it will be redeployed using the latest MediaWiki version. We recognise the wiki is the go-to Kodi info resource for many users and we aim to bring it online again as a priority. The paste server will also be moved and restored but this is less urgent," Kodi announced.

