Account hack - request to review logs to ensure no malicious data was moved onto the server

Server Version#:
Player Version#: I can’t provide either because I’ve shut the server off

Hi! I’ve just been notified that someone logged into my server from an Android device. I managed to rush home to change the password, but the hacker had access to my server for at least 20 minutes.

I saw some attempts at getting an update downloaded in the logs, so I thought it would be wise to ask someone who knows more about how Plex on a Synology can be hacked to take a look.

At 22:36 the guy from the UK logged into my account, apparently from:

  • Device: Plex for Android (Mobile)

Then at 22:53 he changed the password, but I managed to change it back just a minute later and turn on 2FA.

Should I be worried about lines like these:
May 19, 2022 22:53:27.930 [0x7fd05978cb38] DEBUG - MyPlex: updating with 44 access tokens
May 19, 2022 22:53:27.936 [0x7fd05785cb38] DEBUG - [MediaProviderManager] HTTP requesting GET Sign In | Plex

Full log from the moment he got in to the moment I kicked him out and turned off the Synology NAS completely:

Did you change the password back, or did you change it to a new random password?

2FA is good.

Did you also check Sign out connected devices after password change?

To a completely new randomly generated password, yes.

Obviously I logged everyone out. I think I saw a new user added, but no libraries were shared with him. I left him in for now and will remove him later, after I boot up Plex.

The logs do not indicate anything special in the timeframe that your log covers.

That said, it looks like your PMS is outdated, and is a version before 1.25.3.5385-f05b712b6.

Please update ASAP, since we put in some security improvements in 1.25.7.5604.
See: Plex Media Server - #490 by Ridley

Also note that I did a lookup on your account email address, and it shows up at https://haveibeenpwned.com/

So if you shared a password among different places, then that could explain it.
