Kodi Cryptomining Malware is Going Around

AlphaAtlas

[H]ard|Gawd
Staff member
Joined
Mar 3, 2018
Messages
1,713
Cyber security firm ESET tells ZDnet that three popular Kodi addon repositories are spreading cryptomining malware. ESET researchers say they found code embedded in addons from the Bubbles, Gaia, and XvBMC repos that would trigger the download of a secondary, malicious addon. The malware is said to affect both Linux and Windows users. In recent years, Kodi faced a lot of heat from content owners who claim the platform promotes piracy, while the Kodi developers themselves have tried to distance themselves from the 3rd party addons those complaints stem from. This hack isn't particularly widespread yet, affecting "over 4200" victims according to ESET, but malware spreading allegations aren't good for Kodi's reputation.

This was the second malware campaign discovered targeting Kodi users and the Kodi add-ons system. The first came to light in early 2017, when someone used Kodi add-ons to infect users with a DDoS bot.
 
Someone on here was complaining of super hot Kodis.. makes sense now eh.
 
its all free, free. just download for free. pay me now or pay me later.
 
I bought into the KODI deal for a couple weeks. The one time I was able to watch a streamed movie that was still new it was one shot 90s era pirate style; literally sitting in the theater with a video camera recording. Absolute garbage.
Everything else that worked, was about the same content you can get free streaming from ROKU channels but much worse quality. No thanks.
 
A family friend of mine is an avid KODI user and preaches it up all the time. He showed us his setup and some of the videos and they looked awful. Just a bunch of cam footage from a movie theater with people walking in front of it and talking in the background. I guess it's just the thrill of seeing movies that are still in the theater over the actual enjoyment of the footage. I don't get it personally.
 
A family friend of mine is an avid KODI user and preaches it up all the time. He showed us his setup and some of the videos and they looked awful. Just a bunch of cam footage from a movie theater with people walking in front of it and talking in the background. I guess it's just the thrill of seeing movies that are still in the theater over the actual enjoyment of the footage. I don't get it personally.
You can get good quality streams also if it has been out. You typically not getting a 4k feed of a movie that just came out in the theater. Still you get better quality with torrents.
 
What's Kodi!?(j/k), I use Meedio(not really)....
Had a HTPC but haven't really had a front-end for it, mainly used my WD media box.

Cryptominers..... shame someone can't hack them and steal from. :)
 
The whole crappy thing in this is I would allow my pc to be crypto mined in place of ads or as a donation if they were respectful to other tasks and allowed me some moderation. Like I install an app I configure that works with a website to crypto mine instead of ads or a pay wall. This shit kills that from being a thing.
 
I only use kodi for my blu-ray library I have no add-ons.
Yeah, it looks like a very nice and slick interface for that. But getting online content with the add-on was a joke. I've been using the media player app on the ROKU box to access my movie archive. The player itself is pretty terrible. Just does not work well. I'm likely going to build a Ryzen system next year so I'll have a spare PC for a media player.
 
Yeah, it looks like a very nice and slick interface for that. But getting online content with the add-on was a joke. I've been using the media player app on the ROKU box to access my movie archive. The player itself is pretty terrible. Just does not work well. I'm likely going to build a Ryzen system next year so I'll have a spare PC for a media player.

I have kodi running mythtv frontend, Rpi2 you need to buy/enable the MPEG2 acceleration and good to go. RPi3 can do 1080p all on the CPU. No license needed. Streaming is iffy because it depends on your source connection and latency.
 
This hack isn't particularly widespread yet, affecting "over 4200" victims according to ESET, but malware spreading allegations aren't good for Kodi's reputation.

Any system can get malware if you install random software on it, which is what you are doing when you use an uncontrolled 3rd party repository.

This shouldn't affect Kodi's reputation at all. Those third party repositories are not included with Kodi, and are neither operated nor endorsed by the Kodi team. You have to go out of your way to google them, and then manually add them to Kodi before you can install any packages from them.

You could have the same problem in Ubuntu by adding untrusted PPA's or in Windows by just randomly downloading and installing untrusted software.
 
I used Kodi legitimately as a front end for my htpc - not for pirating. It works. But eventually, it was easier to get a Bluetooth keyboard with an integrated trackpad, ditch the remote, and just use windows/VLC to watch my movies. Kodi never gets used anymore.

A neighbor is a big pirater via kodi. All I ever see him do is fiddle with updates, fix broken add ons, and swear at it. I don’t get it either. Just wait a couple of months and rent the dvd/Blu-ray from Netflix, or pay the $10-$15 to buy a digital copy from iTunes/amazon/Sony/whatever.
 
I used Kodi legitimately as a front end for my htpc - not for pirating. It works. But eventually, it was easier to get a Bluetooth keyboard with an integrated trackpad, ditch the remote, and just use windows/VLC to watch my movies. Kodi never gets used anymore.

This is how I use Kodi, and I like it for that purpose.

I use the MythTV frontend in it, so it acts like my cable box for my live TV via my old fashioned cable subscription, and I also have it pointed at my media library folder on my NAS for movies.

I like using it for this. I don't think I'd like a regular desktop computer interface on my TV. That just wouldn't feel right to me.
 
I used to use Kodi on an HTPC, but that went away a long time ago and now I have a Roku and Plex.

I do have Kodi on a rpi that I travel with with a bunch of stupid movies on USB drives to entertain people in sucky wifi hotels or family venues with sucky wifi.
 
I have kodi running mythtv frontend, Rpi2 you need to buy/enable the MPEG2 acceleration and good to go. RPi3 can do 1080p all on the CPU. No license needed. Streaming is iffy because it depends on your source connection and latency.


after i got the mythtv backend setup.. used zap2xml to create a integrated dvt guide in the tv section of kodi by importing via mythfilldatabase after scraping the website guide via crontab job nightly. my olde pvr-350 is in the mythtv box, cut the cord and go. RPi front end upstairs and downstairs free whole house dvr.

screw that cable rip off
 
Last edited:
Back
Top