Kodi Add-ons (Linux/Windows) infected with coin iiner

Some unofficial repositories for the Kodi open source media player deliver cryptomining malware for Windows and Linux platforms in a modified add-on. Here are a few details.


The whole thing has been deteted by ESET security researchers, who have documented it on the We Live Security blog. Kodie users may have noticed that a popular Dutch repository of third-party add-ons, XvBMC, was recently shut down for copyright infringement warnings. After the repository’s shutdown on Github, ESET security researchers discovered that the repository was – probably unknowingly – part of a malicious cryptomining campaign dating back to December 2017.

(Source: Pexels David McBee CC0 License)

It is the second publicly known case of malware spread on a large scale via Kodi add-ons, and the first publicly known cryptomining campaign launched via the Kodi platform. Interestingly, this campaign installs Linux- or Windows-specific binary files on the respective operating systems of Kodi victims. More details may be read at We Live Security and Bleeping Computer


This entry was posted in Security and tagged . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *