Kodi users have been given a fresh warning about using so-called add-ons and this time it has nothing to do with their legality.
These popular extras, which can be easily added to the Kodi TV player, often allow access to content including movies, sports and TV shows without paying a fee.
The lure of watching premium content for free has made these services hugely popular but the team behind the Kodi player has issues a stark warning about installing them.
In a post on its blog, Kodi is telling its millions of users to be careful when installing add-ons and repositories.
The problem seems to come from the fact that the moment you have something installed on your Kodi player updates can be distributed automatically without you ever knowing and this can lead to things getting infected by malware and viruses.
Explaining why users should be wary Kodi said: “If a newer version (with a higher version number) of a given add-on is pushed to an installed repo, then the add-on can be updated regardless of which repo the addon originally came from.
“Hence, if a malicious programmer pushes a new version to an installed repo, then anyone who had the original version will get the poisoned version installed onto their device instead.”
This problem gets worse for those who may have been using Kodi for a while and have dozens of the repos installed on their system.
Kodi explains: “Another big issue with third-party repos is the fact the domain name might be abandoned and expire while users still have the repository installed.
“This could enable an attacker to later register that expired domain, effectively taking it over. They could then replace the existing addon content with malicious code.”
Kodi says that its members are working towards improving the add-on/repository infrastructure but, for now, the team says before you install any third-party add-on, repo or build onto your Kodi device, pause and consider whether you really trust the source you're getting it from and any repercussions that may result from that install.
The news from Kodi comes after a report from the Digital Citizens Alliance also warned users of the dangers that come from watch content without permission.
The comprehensive investigation looked into the issues of buying so-called Kodi boxes and jailbroken Amazon Fire TV Sticks that come pre-loaded with adapted versions of the TV player.
However, it seems these devices could leave owners at risk from cybercrime and malware that can end up accessing personal data.
According to the report, users who plug one of these devices into a home network, can easily be enabling hackers to bypass the security designed to protect their system.
Hackers are now benefiting from the growing proliferation of these devices as well as consumers’ lack of awareness of the risks.
As part of its research survey, Digital Citizens asked Americans if they’ve had a problem with malware in the last 18 months.
Of those who said they didn’t have a piracy device in their home, just seven per cent reported an issue with malware whilst 44 per cent of those that did have a Kodi-style box reported an issue with malware.
Warning users about the dangers The Digital Citizens Alliance said: “The streaming piracy ecosystem is built on making money from stealing, selling, and weaponizing pirated movies, TV shows, sporting events, games, and music. Often uninformed of the risks, users of this software are baited into trying something they think is free or cheap but comes with a hidden cost: malware.
“People using piracy apps and jailbroken and/or fully loaded devices need to know that security and privacy are not a concern of those who sell piracy devices.
“Even worse, the business model for many is banking on offering add-ons primed for malware and invading networks.
“Until other remedies are taken, consumers must be careful about what devices they invite into their homes.”
Written by David Minister
Last Updated on