Skip to main content

TV Addons - Crypto Mining Hack

If you have been using Kodi third party addons for any length of time, you cannot have missed the controversy that always seems to surround TV Addons and the antics of its owner, Adam Lackman.  In recent history there have been a number of high profile  repo “hacks” and if you think back a little further, there was the DDOS hidden in the popular Exodus add-on.

TV Addons Hack & Virus History


Exodus DDOS “bot”


So if you dont recall TV Addons hugely popualr Exodus add-on had some code added to it to DDOS attack. This was in response to a clone or fork of the addon that TVA took exception against. This seems rather bizarre given the amount of forks that are flying around now! Here is a link to that article.

Exodus Botnet

We did remove a lot of the post – but heres some links showing the code and how it was added;

Exodus DDOS code

Target of DDOS

TVA & Indigo Repo Hijacks


So lets review the repo hijacks – hotly denied, but who else has a vested interest in force installing Indigo? All of the code basically forced the indigo tool as a dependency, so even if you didnt ewant it – TV Addons force install their software on your device. That in any other world is the definition of a virus. An unwanted software installation.

Exodus & Kodil Repo  Indigo Hijack


So TVA, Adam (or you may know him as Eleazar Coding), then resurrected Exodus after Lambda quit and TVA were shutdown (and then the whole “grassing other devs scandal blew up ). However here are two combined sotries from Spet 17 and Feb 18 – Adam pushed a modified Exodus update via the Kodil repo to infect even more devices with his software.

Kodil Repo Hijack – Exodus 4.xx.xx Forcing TVA addons Indigo Install !

Entertainment Repo – Indigo Hijack


Using the same methods as described above – by copying the repo format from an old zip file – then duplicating the setup on github, you can instantly infect and access any device that still has the old repo’s installed. This is a highly dubious practice and a malicious act aginst unwary users.   Read about this from March 18;

TV Addons; Yet ANOTHER Virus!

Cyrpto Mining Botnet


The latest con-trick that TV Addons have employed is forcing traffic through a crypto mining botnet through one its new tools, ” the pairing tool”  – you can see this is advertised on their site here;

tva addons crypto miner

Its linked to a github repo – so the code is public and easily accessed – and with all the things TV Addons have done in the passed, they are passing this code on to countless other wannabe scammers who will employ underhand tactics to make money of you.  How much simpler this would have been to simply declare that a few seconds of your time is taken to help fund development? Too easy? Better to just lie and deceive people if you keep getting away with it right?

The Crypto Mining Redirect


If you look in the zip file on github -> Download Here – you can open up the add.on.py yourself and see the following;



You can see that before you goto pair a video streaming site, you are redirected to a coinhive link – this is how your cpu/gpu is used to mine currency. This could affect your streaming – by slowing your device down whilst it uses CPU power to mine currency (very CPU/GPU intensive). This would be detrimental to phones or any mobile device, as it will consume a lot of battery power.

The amount of CPU usage or battery drain is dependent on how th shortcut to Coinhive Javascript miner is setup – it could be lots or just a little, as there has been no admission of this or public announcment, we have no idea.

What TV Addons Say…


this was put to TV Addons’s Adam Lackman via their twitter account earlier today, you can see their response here;



” the idea digusts us” – intersting response Adam, clearly you didnt check even when it was pointed out, perhaps your complicit and needed the cash?

Summary


Yet again TV Addons have been proven to be liars and a source of random infections, repo hijacks, ddos bots and now Crypto mining via its users devices without permission. We have said time and time again not to use TV Addons, Kodibae, Indigo and sundry other addons this guy has maliciously hijacked. Surely it would be simpler to be open and direct with users instead of the current wave of underhand and mailicious activities. You never know, people may have supported the short cut redirects – but i guess you feared they would reject it and now you are embroiled in another scandal.  SMFH.

Comments

Post a Comment

Trending Posts...

Using TMDb and Alluc API Codes in Kodi Add-ons

Using TMDb / Alluc Codes Together Before explaining how to link your TMDb api code with Alluc code, why does anyone need the code ? When the Add-on Elysium became the “go to” add-on as an alternative to Covenant, the Devs added the api Code. Consequently TMDb began cancelling each new api code generated by the Developers as it was viewed as “abuse of the code”.  As a result the Developers spent more time generating a new code instead of improving the add-on itself. The Solution was to allow each user to generate their own personal IMDb Api code and enter it themselves. Generating your own TMDb Code While other groups were providing a solution, Ares Project Forum had taken it a step further by providing a Blog that gave a more detailed method that others had missed. In addition to generating a TMDb code, you will also need a Alluc code. This can be found by following this link . Add-ons Currently Utilizing both Codes The above list will be updated as ...
Post a Comment
Read more

WiFi Settings & Tweaks for Kodi

I thought I’d cover the one of the most talked about issues in the world of streaming and thats WiFi and how to get the best out of it, practical measures and not some of the voodoo you read on some forums! What is WIFi? The term Wi-Fi refers specifically to the IEEE 802.11 set of standards for wireless networks. Several different standards are designated by a letter suffix on the 802.11, such as in 802.11g or 802.11n. In general all of the 802.11 standards operate on either a 2.4GHz or 5GHz radio frequency. 5GHz has much greater speed capability but a reduced range; generally speaking the lower a frequency the further it will travel, so don’t expect miracles if you switch to 5GHz. A key thing to note here is that if ANY device uses the older “b” standard then ALL devices *could* have their speed reduced to 11mbps on “g” networks, depending on your router. This really applies to older equipment or cheap equipment with old parts used in it *cough* t...
Post a Comment
Read more

Updating Your Add-ons and Repositories in Kodi

Updating Add-ons / Repositories Updating your list of Add-ons and Repositories is the best way to ensure Kodi is functioning properly. Rather than checking, many newcomers think it’s better to just Uninstall the Add-on/Repo and reinstall it again. Totally unnecessary for many reasons. Consider this, if your vehicle runs out of fuel, would you replace it with another of the same make and model ? Of course not, you would find a way to fill it with fuel and carry on. Therefore, updating the Add-ons/Repos is like refueling your vehicle. This is another topic in our continuing effort to help the newcomers/beginners to the world of Kodi. You can view many more Blogs on a wide assortment of helpful topics here at Ares-Project Blog . Updating Repositories Rather than send an update for a single add-on that may be in a repo, the Dev will send one for the entire repo. It faster, more convenient and above all it saves time. Yet how do you know if your repo is up to date? Here are two exampl...
Post a Comment
Read more

Utilizing Alluc.ee in Add-ons for Kodi

This article will show you how to take advantage of the benefits of using a Alluc.ee Account in the Kodi Add-ons Elysium, Placenta, Death Streams and Rebirth. These are just some of the many add-ons for Movies and TV Shows available and are quite easy to navigate. What is Alluc.ee? First off, let’s take a look at what Alluc.ee is about.  Here is a brief description of Alluc.ee  and how you can take advantage of what it has to offer: “Alluc.ee (pronounced: “all-you-see”) is a user-generated link-sharing-website that catalogs links to TV shows, movies, music videos, sport, anime and cartoons. Alluc does not host any content itself. Alluc.ee also does not contain any download links, all are links to streaming video sharing websites. Users provide the links in the right category and they are released to the site after having been checked by the administrators. Video hosting sites that are linked include YouTube, Dailymotion, and Veoh, among others....
Post a Comment
Read more

Kodi Dlna Client and Server Setup for Krypton

What is Dlna ? WHAT IS DLNA? The term DLNA stands for “Digital Living Network Alliance”. It is the industry standard for sharing network data combined with “Universal Plug and Play Audio Visual(UPnP). This option can be used to share your media libraries from one device to another. If you have a PC or Kodi Box for your Tv, you can share its media contents.  Other Smart TVs, Game Consoles, Phones, etc. to name a few. It is recommended that you backup Kodi before continuing in case you wish to restore your Kodi settings at a later date. A Kodi UPnP server/media can stream its content to other devices on the same network by using UPnP and DLNA protocols. HOW TO ENABLE DLNA ON KODI? For this article, I used a clean version of Krypton 17.6. If you are using a Build, this is typically found by selecting System, then System again. Lets begin: After opening Kodi, select the Cog Icon found in the top left corner. Then Select Service Settings top row far right in...
Post a Comment
Read more