Kodi Addon Was Used for Creation of DDoS “Botnet”
https://sp-security.blogspot.com/2017/02/kodi-addon-was-used-for-creation-of.html
One of the popular Kodi addons, Exodus, is normally used to access
pirated films and TV-shows, but over the past week its users unwittingly
participated in the DDoS attack. When the problem was unearthed, the
Exodus developer rolled back the malicious code and retired.
Kodi is a very popular source of entertainment, which is often used with add-ons that allow people to access pirated movies and TV-shows. Exodus is one of such add-ons, recognized as one of the most useful ones in terms of accessing streaming video. This software was developed by a person known as Lambda, who has always preferred to remain anonymous – until recently. It turned out that he recently received threats from people who copied his work and promised to expose his real identity. In response, Lambda launched an attack: it took him just several lines of code added to the Exodus plugin, which contacted external websites. These lines were targeting resources of Lambda’s adversaries.
Once this was noticed, users accused Exodus of creating a DDoS “botnet.” In his defense, Lambda says that he was just fighting against people who were trying to do harm or get him in legal trouble. The code does not harm users themselves, since they are just trying to access another web source.
As a result, Lambda decided to make the “protection” feature optional, but this move didn’t satisfy everyone. Eventually, the developer decided to retire. So far, the malicious code is no longer present in the Exodus add-on found in the repository. It is known that Lambda is going to continue his work on other projects.
Kodi is a very popular source of entertainment, which is often used with add-ons that allow people to access pirated movies and TV-shows. Exodus is one of such add-ons, recognized as one of the most useful ones in terms of accessing streaming video. This software was developed by a person known as Lambda, who has always preferred to remain anonymous – until recently. It turned out that he recently received threats from people who copied his work and promised to expose his real identity. In response, Lambda launched an attack: it took him just several lines of code added to the Exodus plugin, which contacted external websites. These lines were targeting resources of Lambda’s adversaries.
Once this was noticed, users accused Exodus of creating a DDoS “botnet.” In his defense, Lambda says that he was just fighting against people who were trying to do harm or get him in legal trouble. The code does not harm users themselves, since they are just trying to access another web source.
As a result, Lambda decided to make the “protection” feature optional, but this move didn’t satisfy everyone. Eventually, the developer decided to retire. So far, the malicious code is no longer present in the Exodus add-on found in the repository. It is known that Lambda is going to continue his work on other projects.
From torrentfreak