Windows and Linux Kodi users infected with cryptomining malware

kodi-miner.png

Users of Kodi, a popular media player and platform designed for TVs and online streaming, have been the targets of a malware campaign, ZDNet has learned from cyber-security firm ESET.

According to a report that will be published later today and shared with ZDNet in advance, the company’s malware analysts have uncovered that at least three popular repositories of Kodi add-ons have been infected and helped spread a malware strain that secretly mined cryptocurrency on users’ computers.

Also: Tech support scammers find a home on Microsoft TechNet pages

Kodi, for readers unfamiliar with this software, is an “empty” media player that works primarily based on add-ons. Users install Kodi and then add the URL of one or more add-on repositories, from where they choose what add-ons to install on their players.

Add-ons exist for streaming everything from Hulu to YouTube, but the player is often used for streaming pirated content, such as pay-per-view channels or movies from torrent portals.

ESET researchers say they found malicious code hidden in some of the add-ons found on three add-on repositories known as Bubbles, Gaia, and XvBMC, all offline at the time of writing, after receiving copyright infringement complaints.

Researchers said that some of the add-ons found on these repositories would contain malicious code that triggered the download of a second Kodi add-on, which, in turn, would contain code to fingerprint the user’s OS and later install a cryptocurrency miner.

While Kodi can run on various platforms, ESET says that the operators of this illicit cryptocurrency mining operation only delivered a miner for Windows and Linux users.

Also: Recent Windows ALPC zero-day has been exploited in the wild for almost a week

Crooks mined for Monero, and according to some partial data obtained by ESET, the company believes they infected over 4,700 victims and generated over 62 Monero coins, worth today nearly $7,000.

Most of the infected users were located in countries such as the US, the UK, Greece, Israel, and the Netherlands, countries where Kodi usage is also high.

ESET says there is no reliable way of knowing if a user of those three add-on repositories has been infected, other than installing an antivirus solution and scanning the machine where Kodi was installed. A clear hint that something is wrong is high CPU usage, a common indicator of cryptocurrency mining operations.

This was the second malware campaign discovered targeting Kodi users and the Kodi add-ons system. The first came to light in early 2017, when someone used Kodi add-ons to infect users with a DDoS bot.

About the author

E-Crypto News was developed to assist all cryptocurrency investors in developing profitable cryptocurrency portfolios through the provision of timely and much-needed information. Investments in cryptocurrency require a level of detail, sensitivity, and accuracy that isn’t required in any other market and as such, we’ve developed our databases to help fill in information gaps.

Related Posts

E-Crypto News Executive Interviews



bitcoin
Bitcoin (BTC) $ 62,062.00
ethereum
Ethereum (ETH) $ 3,767.24
binance-coin
Binance Coin (BNB) $ 478.37
tether
Tether (USDT) $ 1.00
cardano
Cardano (ADA) $ 2.13
xrp
XRP (XRP) $ 1.09
solana
Solana (SOL) $ 157.33
polkadot
Polkadot (DOT) $ 41.14
dogecoin
Dogecoin (DOGE) $ 0.252824
usd-coin
USD Coin (USDC) $ 1.00
USD
EUR
GBP
bitcoinBitcoin (BTC)
$ 62,062.00
ethereumEthereum (ETH)
$ 3,767.24
tetherTether (USDT)
$ 1.00
bitcoin-cashBitcoin Cash (BCH)
$ 608.30
litecoinLitecoin (LTC)
$ 183.26
bitcoinBitcoin (BTC)
53.505,82
ethereumEthereum (ETH)
3.247,87
tetherTether (USDT)
0,862135
bitcoin-cashBitcoin Cash (BCH)
524,44
litecoinLitecoin (LTC)
157,99
bitcoinBitcoin (BTC)
45,152.40
ethereumEthereum (ETH)
2,740.81
tetherTether (USDT)
0.727537
bitcoin-cashBitcoin Cash (BCH)
442.56
litecoinLitecoin (LTC)
133.33

Automated trading with HaasBot Crypto Trading Bots

Crypto Scams

Behind The Scenes: How this Crypto Community Responded to + $50m Hack
October 18, 2021
Crypto Scams
Crypto Scams Still Persistent In 2021, SEC Warns About Red Flags To Watch
September 9, 2021
Poly Network
Here’s How Hackers Stole Over $600 million in the Poly Network Attack
August 12, 2021
The World’s Most Infamous Crypto Hacks and Scams
July 31, 2021
Cryptocurrency Exchanges
Cryptocurrency Exchanges and the Plague of Scams and Bans
June 29, 2021

Blockchain/Cryptocurrency Questions and Answers

ICo Presale
The Science Behind ICO Presales…
October 14, 2021
Beginner’s Guide to Investing in Cryptocurrency
August 9, 2021
Short-Sell Cryptocurrency
How to Short-Sell Cryptocurrency: A Brief Overview
July 17, 2021
Klaytn
What Is Klaytn (KLAY) And How Does It Work?
July 16, 2021
Cryptocurrencies
Our Crypto Roundup Interview Asks- Do Cryptocurrencies Have a Future?
July 15, 2021


CryptoCurrencyUSDChange 1hChange 24hChange 7d
Bitcoin62,422 0.47 % 2.25 % 14.09 %
Ethereum3,781.7 0.25 % 0.71 % 10.22 %
Binance Coin480.23 0.17 % 2.91 % 18.77 %
Tether0.9986 0.03 % 0.08 % 0.23 %
Cardano2.140 0.37 % 0.97 % 2.59 %
XRP1.090 0.33 % 2.62 % 3.74 %
Solana157.76 0.27 % 2.03 % 6.81 %
Polkadot30.87 2.19 % 17.29 % 10.73 %
Dogecoin0.2567 1.00 % 8.34 % 11.95 %
USD Coin1.000 0.14 % 0.20 % 0.17 %

bitcoin
Bitcoin (BTC) $ 62,062.00
ethereum
Ethereum (ETH) $ 3,767.24
binance-coin
Binance Coin (BNB) $ 478.37
tether
Tether (USDT) $ 1.00
cardano
Cardano (ADA) $ 2.13
xrp
XRP (XRP) $ 1.09
solana
Solana (SOL) $ 157.33
polkadot
Polkadot (DOT) $ 41.14
dogecoin
Dogecoin (DOGE) $ 0.252824
usd-coin
USD Coin (USDC) $ 1.00