Kodi Addon Was Used for Creation of DDoS “Botnet”

One of the popular Kodi addons, Exodus, is normally used to access pirated films and TV-shows, but over the past week its users unwittingly participated in the DDoS attack. When the problem was unearthed, the Exodus developer rolled back the malicious code and retired.

Kodi is a very popular source of entertainment, which is often used with add-ons that allow people to access pirated movies and TV-shows. Exodus is one of such add-ons, recognized as one of the most useful ones in terms of accessing streaming video. This software was developed by a person known as Lambda, who has always preferred to remain anonymous – until recently. It turned out that he recently received threats from people who copied his work and promised to expose his real identity. In response, Lambda launched an attack: it took him just several lines of code added to the Exodus plugin, which contacted external websites. These lines were targeting resources of Lambda’s adversaries.

Once this was noticed, users accused Exodus of creating a DDoS “botnet.” In his defense, Lambda says that he was just fighting against people who were trying to do harm or get him in legal trouble. The code does not harm users themselves, since they are just trying to access another web source.

As a result, Lambda decided to make the “protection” feature optional, but this move didn’t satisfy everyone. Eventually, the developer decided to retire. So far, the malicious code is no longer present in the Exodus add-on found in the repository. It is known that Lambda is going to continue his work on other projects.

[ATTACH=full]82599[/ATTACH]

Source >>>> https://torrentfreak.com/popular-kodi-addon-exodus-turned-users-into-a-ddos-botnet-170203/

6 Likes

CC: @Luther12

CC: @Jazzman

Interesting.

After Genesis ceased being reliable, moved to Exodus, wonder which one will replace Exodus.

1 Like

Weh…btw @Luther12 and @Meria Mata I got modbro on my phone and it’s wonderful. I want to have it on my tv which is not a smart tv, which Android box would you recommend or is it better to buy a smart tv?

https://www.kenyatalk.com/index.php?threads/android-box-advice.38446/

https://www.kenyatalk.com/index.php?threads/terrarium-android-app.39065/#post-795601

2 Likes

Naona kaa wanafuata bks of the old testament so I think Leviticus kaa haijatoka iko jiani

5 Likes

kwa wale wamefanya python @jimmy_m and a @Deorro do you see anything sinister with that line of code?
i don’t

@Thitima thegoodfight( ) is what we call a function name but i could be wrong,wacha hao programmers waconfirm

2 Likes

Didn’t see this coming, laughed so hard, folks thought i was losing it. Seems import alifanya kazi mzuri.

1 Like

@Chloe

that looks like the simplest form of a denial of service attack, one user hitting your server 40 times in a couple of seconds might not be a big deal, but you need to look at it from the context of thousands of users being directed to your server unwillingly and each of them spawning 40 threads every couple of seconds ( might be even be triggered by multiple actions such as refresh, buffering , simple search)

5 Likes

40 threads of what, hapo ndipo Sijaelewa

https://www.malwaretech.com/2015/01/distributed-denial-of-service-ddos-for.html

oops, the curse of thinking like a typical coder :D:D

in layman terms , imagine you have a server hosting some application, now if i go to your web app and load 40 instances in a span of a second, that wont be a problem because the server can definitely handle that. however imagine all the users in kenya talk being unwillingly directly to your server to do the same.

all of a sudden, instead of just 40 hits per second, you get (assuming 7000 talkers are online) 7000 * 40 * 60 hits per minute (minimum because that value can also be multiplied by X ). now you also need to keep in mind that the users dont have control on when to hit your serrver, the hits are being randomly generated by some rogue code which depends on a wide range of events (can even be as small as refresh a page, click on a thread, post).

in above scenario, your goose is cooked and even though your server is online, it wont have any resources left to process new requests from additional users, thats why its called a DDoS (Distributed Denial of Service attack)

hope this makes sense :smiley:

its like trying to fit the entire population of county 001 into a 14 seater matatu

5 Likes

:D:D:D:D:D:D

didn’t see it in that perspective
thanks

Wah!!
Thanks for the explanation bro. Leo nimerudi shule.
Kwahivo all sites are vulnerable to attacks and can you stop them

Yes this is a vulnerability (or should i say weak link) which has been there since the inception of the network. however most app developers end up attacking themselves (silly thing right? ), most DoS attacks are not even malicious, they are just users trying to do the right thing but the developer was too lazy to think ahead. e.g the case of that education site when parents were trying to access admission letters, it was always offline because there were too many requests, all the developers for the system needed to do was create some solid load balancing algorithm and a simple captcha to block automated systems (bots), but no, they were too lazy and ended up creating a self inflicted DoS attack

3 Likes

Okay, now. If I want to attack my business rival nitaanza wapi?
Asking for a friend