Entertainment Security

3 Ways Your Kodi Box Could Be at Risk From Malware

Dan Price 26-07-2018

If you’re a Kodi user who uses a vast array of add-ons, you need to be careful. You could be inadvertently exposing yourself to malware. Cryptojacking, botnets… there has been a long line of malware claims.


We’re going to take a closer look at cryptojacking, explain how to deal with it, then tell you about two other forms Kodi malware you should watch out for.

1. Cryptojacking

Cryptojacking is a relatively new form of malware that’s becoming increasingly common due to the growing value of cryptocurrencies. In addition to Kodi, you can find it on other apps in the Google Play Store Cryptojackers on Google Play: How to Avoid Being a Victim to This Malware Worried about your phone's recent slowdown? It could be down to Android cryptojacking. Here's what you need to know about it and how to stop it. Read More .

In simple terms, a cryptojacker secretly runs on a host’s machine and mines cryptocurrencies without their knowledge.

On the upside, cryptojacking is not as dangerous as some other forms of malware; it’s not going to lock your machine and hold you to ransom or try and steal your online banking credentials.

But mining crypto is a resource-intensive task Is It Profitable to Cloud Mine Bitcoin? There are many ways to mine Bitcoin, including cloud services. But is it profitable? Here's everything you need to know about cloud mining Bitcoin. Read More . It can eat through your bandwidth and computer processing power, causing your machine and network to slow to a crawl or even crash entirely.


Anyone who runs Kodi is at risk, but people who install the app on Amazon Fire TV devices are particularly vulnerable.

One strain of cryptojacking malware—called ADB.Miner—spreads through port 5555. The port automatically opens when you enable Developer Options, which is a necessary step for install Kodi on the Fire TV. It’s thought more than 17,000 devices are at risk.

The ADB.Miner malware mines the Monero cryptocurrency.

How to Protect Kodi From Cryptojacking

To protect yourself against cryptojacking on Kodi, you need to use TVAddon’s No-Coin Scan add-on. It’s based on the No-Coin browser extension.


You can find the add-on in the Indigo repo. It’s available through Fusion (fusion.tvaddons.co). Check out our beginner’s guide to Kodi How to Use Kodi: The Complete Setup Guide Our beginner's guide shows how to install the Kodi software, how to navigate through the initial setup, and how to load add-ons. Read More if you’re not sure how to install repos.

Once you’ve installed Indigo, go to Add-ons > Indigo on the Kodi homepage, then scroll down to No-Coin Scan and click on it.

The scan will take a few minutes to complete. When it’s finished, it will either give your system a clean bill of health, or advise you on the correct action to take.

2. Subtitle Malware

In May 2017, researchers at security firm Check Point published a proof of concept video which demonstrated how malware hidden in a subtitle file could attack your computer.


The attack itself occurs when you download the file onto your computer from a subtitle repo. It’s especially troublesome because Kodi typically automates the download process; users often have no idea that the malware is infecting them.

Kodi treats the repos as a trusted source, meaning neither it, nor your anti-virus software, picks up on the malware as it enters your machine.

Check Point noted that VLC, Popcorn Time, and Stremio are also vulnerable to the same attack. It adds that many more media players could also be at risk. As a result, it thinks hundreds of millions of users are vulnerable.

Omri Herscovici, vulnerability research team leader at Check Point, said the fragmented nature of subtitle file formats were to blame:


“The supply chain for subtitles is complex, with over 25 different subtitle formats in use, all with unique features and capabilities. This fragmented ecosystem, along with limited security, means there are multiple vulnerabilities that could be exploited.”

Although Kodi has now closed the loophole, you could be at risk if you’re not running the latest version of the app How Do I Update Kodi? For all of Kodi's incredible features, one glaring omission remains: the app does not automatically update itself. Read More . Kodi does not update automatically. If you’re running Windows or Mac, check for updates on Kodi’s website. The processes for updating Kodi on Android How to Update Kodi on Android Updating Kodi on Android can either be a lot simpler or a lot more complicated. It all depends on how you chose to install the app originally. Read More and updating Kodi on the Amazon Fire Stick How to Update Kodi on Amazon Fire Stick It's vital to keep your Kodi app up to date on every device. Here's how to update Kodi on your Amazon Fire Stick. Read More are slightly different.

3. DDoS Botnet Attacks

In February 2017, one of the most popular Kodi add-ons in the world was found to be unsafe. Exodus, which at the time had millions of daily users, was an add-on which allowed users to access copyrighted material illegally.

To explain the full story, we need to take a step back for a moment.

Because Exodus was breaking the law, its then-developer wanted to remain anonymous. He was only known by his handle, Lambada. Rival developers copied his work and threatened to expose his true identity, creating a feud.

Instead of backing down, Lambada went on the attack. He added several lines of code to his add-on that automatically contacted a website.

Upon closer investigation, it was found the targeted websites were those of his adversaries. Lambada had created a DDoS botnet which every one of Exodus’ users automatically became a part of. It meant millions of people were inadvertently pinging sites without their knowledge.

Botnets are terrible for users What Is a Botnet and Is Your Computer Part of One? Botnets are a major source of malware, ransomware, spam, and more. But what is a botnet? How do they come into existence? Who controls them? And how can we stop them? Read More because they can be used to spread malware, reduce your bandwidth, and have an untold number of privacy implications.

It should be noted that Lambada didn’t spread anything malicious. However, keep in mind that Exodus was one of the most well-known Kodi add-ons.

There are lots of murkier Kodi add-ons that can, and do, spread malware and other viruses. Some of the most common culprits are very old add-ons on your system that have changed their developer multiple times and forked versions of popular add-ons.

Are Kodi Video Streams at Risk of Malware?

At the 2018 RSA Conference, Kurtis Minder, CEO of security company GroupSense, gave a talk on the growing threat of malware on Kodi.

He claimed the two major delivery methods for malware were via the Kodi platform and its video streams.

However, his claims regarding video streams are questionable. Bogdan Botezatu, senior e-threat analyst at BitDefender, claimed he had seen such attacks in the wild since 2005’s Trojan.Wimad, that exploited DRM technology on Windows machines.

Hype vs. Reality: How Vulnerable Is Kodi?

All these stories raise the question: Are you really at risk?

Well, despite what some copyright advocates claim, many large security firms agreed that the risk level is quite low. Anti-virus developer Avast says it is yet to see any “Kodi-related malware risks in the wild.” BitDefender said the only significant threat was the previously-discussed subtitle threat.

The threat level is not zero, however. F-Secure noted that “most popular Kodi plugins […] seem clean. But there are at least some plugins that are clearly malicious.”

Of course, malware isn’t the only security threat facing Kodi users 7 Security and Privacy Issues to Consider With a Kodi Media Box As more and more people make the decision to cancel their cable TV packages and cut the cord, Kodi continues to grow in popularity. But is it as secure as you think? Read More . Privacy problems arise from the unencrypted communication between the Kodi app and third-party add-ons, while there are still simmering legal issues if you use Kodi on Amazon Fire TV How Your Amazon Fire TV Stick and Kodi Could Cause Legal Issues Kodi and the Amazon Fire TV Stick are insanely popular. However, although users are attracted to both Kodi and the Amazon Fire TV Stick's flexibility, they could easily land themselves in legal hot water. Read More .

Related topics: Kodi, Malware, Online Security.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Heather
    July 26, 2018 at 6:27 pm

    What do I do , bc this has happened to me