25 September 18, 13:44
Quote:The Kodi media player has emerged as a malware distribution platform for cybercriminals, recently becoming the target for a cryptomining campaign that compromised about 5,000 machines before being thwarted. Those victims are still at risk, researchers warned.
Kodi is free and open-source, and can be used to play videos, music, podcasts and other digital media files from local and network storage media and the internet/streaming sources. Users also can extend the software’s functionality by installing add-ons, found both in the official Kodi repository and in various third-party repositories. By targeting the various add-ons and relying on Kodi’s auto-update feature, it’s possible to stealthily spread bad code throughout the ecosystem.
Researchers from ESET said that malware can spread through Kodi in three different ways. They could add the URL of a malicious repository to their Kodi installation, which would download add-ons whenever they update their Kodi installations; or, they could install a ready-made Kodi build that includes the URL of a malicious repository. Thirdly, users could install a ready-made Kodi build that contains a malicious add-on but no link to a repository for updates.
Source: https://threatpost.com/cybercriminals-ta...on/137670/