Windows, Linux Kodi Users Infected With Cryptomining Malware (zdnet.com) 58
An anonymous reader quotes a report from ZDNet: Users of Kodi, a popular media player and platform designed for TVs and online streaming, have been the targets of a malware campaign, ZDNet has learned from cyber-security firm ESET. According to a report that will be published later today and shared with ZDNet in advance, the company's malware analysts have uncovered that at least three popular repositories of Kodi add-ons have been infected and helped spread a malware strain that secretly mined cryptocurrency on users' computers.
ESET researchers say they found malicious code hidden in some of the add-ons found on three add-on repositories known as Bubbles, Gaia, and XvBMC, all offline at the time of writing, after receiving copyright infringement complaints. Researchers said that some of the add-ons found on these repositories would contain malicious code that triggered the download of a second Kodi add-on, which, in turn, would contain code to fingerprint the user's OS and later install a cryptocurrency miner. While Kodi can run on various platforms, ESET says that the operators of this illicit cryptocurrency mining operation only delivered a miner for Windows and Linux users. The crooks reportedly mined for Monero, infecting over 4,700 victims and generating over 62 Monero coins, worth today nearly $7,000.
Re: (Score:3, Informative)
XBMC\Kodi is a rather large HTPC platform. The issue is not with their software. The issue is they allow plug-ins to extend functionality, which is something that makes it very powerful. I use it to auto-rip a DVD while it plays, for instance. You are well warned when you install from 3rd party repositories like the ones in question. It is no different than the various app stores when Android first started that were full of all sorts of baddies.
At the end of the day if you're installing software from untrust
Re: (Score:2)
And it's likely that the trojaned plugins were not downloaded from the official Kodi site. Need to wait for the details of course.
Re: (Score:2)
I use it to auto-rip a DVD while it plays for instance.
What addon do you use for this purpose?
Re:So Open source not great either (Score:5, Insightful)
If you choose to install malware, you'll get malware. To get infected by this you have to go to one of three fly-by-night repositories of illegal plugins and choose to install a plugin that turns out to be doing a different kind of illegal activity than you expect (crypto mining instead of media piracy). It should not be a shock that dealers in illegal goods aren't always trustworthy -- it's like being shocked when your drug dealer steals from you.
Re: (Score:1)
Are the trojaned plugins open source? I somehow doubt it. It's the closed-source so-called "freeware" that is the most dangerous vector for malware these days.
Re: (Score:1)
Never listen to APK's lies (Score:1)
Like how he claims the Chinese copied him [slashdot.org] but can't produce any evidence.
How about when he states that hosts does port filtering [slashdot.org] but again can't back up his statement, which was shown to be false.
There is also his list of "experts" who support him but it turns out they don't say what he is claiming [slashdot.org].
This also ignores his out of context quotes he uses to lie by omission.
The problem with APK is that his entire reputation is built upon the lie he told years ago
Oh Noes! (Score:1)
Oh Noes, in maybe a few years, my Raspberry Pi will have mined a coin. How will I pay for the 0.25 in electricity?
worth this hour (Score:2)
The word "today" is a little too broad, is it not?
How about this:
At some point, (Score:1)
software must be only open source. No binary, anywhere. I don't care how you bootstrap the process. This has gone too far.
I do not know what my computer is doing anymore. "Oh you have to trust someone". Well, I can't.
Fuck modern software. Fuck it up its bloated ass.
The Turbo C compiler was a 100 kilobyte exe.
WhatsApp for Windows, a fucking messaging app, is 50+ MB.
What the hell?!