Some Kodi add-ons are carrying cryptocurrency mining malware


If you use Kodi for your streaming needs, then it’s time to sit up and pay attention, because a number of add-ons for the media player have apparently been infected by cryptocurrency mining malware that affects Windows and Linux users.

This is according to a report spotted by ZDNet from security firm ESET, which points out the discovery of malicious code in (unspecified) add-ons from no less than three Kodi repositories: Bubbles, Gaia and XvBMC.

This code fires up the download of another add-on, which takes a snapshot of the host operating system, and subsequently installs a stealthy coin miner.

In other words, it hijacks the PC’s resources to mine cryptocurrency for the attacker, which may not seem like a direct theft, but of course it is ramping up the power usage of your machine and costing you electricity indirectly. Not to mention potentially slowing down your computer by spiking processor usage.

As mentioned at the outset, according to ESET’s security researchers, the malicious coin miner – which targets the Monero cryptocurrency – is only aimed at Windows and Linux users.

Run a scan

So if you’re in either of those camps, and have installed add-ons from the aforementioned Kodi repositories, you should check your PC for any signs of malware in residence (a good antivirus app will help you keep your machine healthy).

There’s no current danger, given that the three repositories in question are no longer active, having been taken down due to copyright violation issues (this sort of controversy can often be linked to some Kodi add-ons, as we’ve seen in the past).

ESET believes that this malicious mining operation dates back to December 2017 – when the Bubbles repository was first affected – and has racked up over 62 Monero coins, which equates to something like $7,000 (around £5,300, AU$9,700) of ill-gotten gains. The total number of systems infected stands at around 4,700.

If you’re not familiar with the world of Kodi and its myriad add-ons, we’ve got a full explainer of what all this is about here, including our recommendations for the best add-ons and how to install them.

Darren is a freelancer writing news and features for TechRadar (and occasionally T3) across a broad range of computing topics including CPUs, GPUs, various other hardware, VPNs, antivirus and more. He has written about tech for the best part of three decades, and writes books in his spare time (his debut novel - 'I Know What You Did Last Supper' - was published by Hachette UK in 2013).