Cyber security firm ESET tells ZDnet that three popular Kodi addon repositories are spreading cryptomining malware. ESET researchers say they found code embedded in addons from the Bubbles, Gaia, and XvBMC repos that would trigger the download of a secondary, malicious addon. The malware is said to affect both Linux and Windows users. In recent years, Kodi faced a lot of heat from content owners who claim the platform promotes piracy, while the Kodi developers themselves have tried to distance themselves from the 3rd party addons those complaints stem from. This hack isn't particularly widespread yet, affecting "over 4200" victims according to ESET, but malware spreading allegations aren't good for Kodi's reputation. This was the second malware campaign discovered targeting Kodi users and the Kodi add-ons system. The first came to light in early 2017, when someone used Kodi add-ons to infect users with a DDoS bot.