Kodi Media Player Installations Used for Distributing Malware

A dangerous new hacking practice has been detected — the use of the of Kodi media player for distributing malware. A lot of users running the open-source software are at risk of becoming victims of a global cryptomining campaign according to a new report.

Kodi Media Player can Deliver Dangerous Malware

The well-known Kodi media player which is widely installed by users and available on many smart devices can pose a serious security risk. According to a new report posted by experts deployed installations can be abused to spread various malware, including cryptocurrency miners. The source of infections is the ability to add add-on repositories which offer plugins, skins and updates that add functionality to the bare Kodi setup. On the Internet there are many guides, Youtube videos and forums that give out instructions on personalizing and customizing the Kodi players with various functions. Malicious users can easily post elaborate such guides with the malicious repositories.

There are three main ways that the malware operators may abuse Kodi:

  1. The criminals can guide the criminals into adding an external plugin repository containing a contaminated update. The malware code will be installed once the users allow the updates to run.
  2. A pre-made Kodi instance is installed. The malicious code may already be placed in them or include the malicious repository link so that upon running the virus code will be deployed automatically.
  3. A ready-made Kodi build containing the malicious add-on but no link to the repository. A persistent installation will follow.

So far most of the infections target the following countries: Israel, Greece, United States, the Netherlands and the United Kingdom. The origins of the Kodi malware families were traced down to a now defunct repository. Another malicious repository which was found to (Read more...)

*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum | SensorsTechForum.com authored by Martin Beltov. Read the original post at: https://sensorstechforum.com/kodi-media-player-installations-used-distributing-malware/