Slyck Chatbox - And More

Kodi add-ons launch cryptomining campaign

What's happening in the technology world related to software. Please submit stories for this forum here.
Forum rules

Kodi add-ons launch cryptomining campaign

Postby MrFredPFL » Fri Sep 14, 2018 12:59 am

Story :

If you use Kodi, you may have noticed that a popular, Dutch repository for third-party add-ons, XvBMC, was recently shut down upon copyright-infringement warnings. Following the shutdown, we discovered that the repository was – likely unknowingly – part of a malicious cryptomining campaign going back to December 2017. It is the second publicly known case of malware being distributed at scale via Kodi add-ons, and the first publicly known cryptomining campaign launched via the Kodi platform. Interestingly, this campaign pushes Linux- or Windows-specific binaries to Kodi fans on those respective OSes.

For those unfamiliar with the Kodi platform, the popular media player software does not provide any content itself, but users can extend the software’s functionality by installing various add-ons, found both in the official Kodi repository and in numerous third-party repositories. Some third-party add-ons let users access pirated content, stirring controversy around Kodi.

Lately, the copyright-infringing add-ons have also been accused of exposing users to malware, but apart from an incident in which a DDoS module was added to a popular third-party Kodi add-on, no evidence of malware distributed via Kodi add-ons has been presented until now.

According to our research, the malware we found in the XvMBC repository was first added to the popular third-party add-on repositories Bubbles and Gaia (a fork of Bubbles), in December 2017 and January 2018, respectively. From these two sources, and through update routines of unsuspecting owners of other third-party add-on repositories and ready-made Kodi builds, the malware spread further across the Kodi ecosystem.

Posts: 15753
Joined: Wed Aug 17, 2005 4:48 pm

Return to Tech/Software News

Who is online

Users browsing this forum: No registered users and 2 guests

© 2001-2008