Kodi-Erweiterung "Exodus" machte Anwender zu Botnetz-Zellen

Anwender des Plug-ins "Exodus" für das Media-Center Kodi wurden zu unfreiwilligen Teilnehmern eines Botnets, das gezielte DDoS-Angriffe fuhr. Deren Ziel: Websites von Konkurrenten.
Die populäre "Exodus"-Erweiterung für das quelloffene Media-Center Kodi ist in Ungnade gefallen. Das Plug-in verschafft Anwendern den Zugriff auf diverse Streaming-Inhalte, darunter auch aus illegalen Quellen. Sein Entwickler verwendet den Tarnnamen "Lambda".
Die Beliebtheit der inoffiziellen Erweiterung sorgt sowohl für Nachahmer als auch Neider. Vor etwa einer Woche tauchten im Code neue Zeilen auf, die auf Websites dieser "Gegner" zeigten, darunter das Repository eines konkurrierenden Plug-ins und einen Anbieter britischer TV-Streams. Spielte ein Kodi-Anwender ein Video über Exodus ab, soll der Client diese Websites im Hintergrund bis zu 40 Mal aufgerufen haben.
DDoS als "Notwehr"

Zur Rede gestellt, verteidigte Lambda die im Code "thegoodfight" genannte Programmfunktion als Schutzmaßnahme gegen Leute, die ihm gedroht oder seinen Code geklaut hätten. Exodus-Anwender seien durch diese Maßnahme nicht geschädigt worden; deren Clients würden ja nur eine zusätzliche Website aufrufen.
Als Anwender diese Maßnahme in Frage stellten, machte Lambda die Funktion "Enable 'Anonymous' protection" zunächst optional. Dann beschloss er sich zu einem wesentlicheren Schritt: Er will das Projekt nicht mehr fortführen; die Weiterentwicklung sollen andere Entwickler übernehmen. In einem Forums-Posting entschuldigte er sich bei seinen Anwendern für sein Verhalten.
Das plattformübergreifende Media-Center Kodi war ehemals als XBMC (XBox Media Center) bekannt. Kodi ist unter anderem für Android, Linux, macOS und Windows verfügbar und lässt sich durch eine Vielzahl an Add-ons maßschneidern. Die aktuelle Version 17.0 mit dem Code-Namen "Krypton" wurde Anfang des Monats veröffentlicht.
[Update 4.2.17, 18:27:] Korrektur des Release-Status von Kodi 17.0. Verdeutlichung, dass es sich bei Exodus nicht um eine offizielle Erweiterung handelt. [/Update]

Quelle: Kodi-Erweiterung machte Anwender zu Botnetz-Zellen | heise online

[h=1]Popular Kodi Addon ‘Exodus’ Turned Users into a DDoS ‘Botnet’[/h] News
Exodus is one of the most-used Kodi addons out there, allowing users to obtain easy access to pirated movies and TV-shows. However, over the past week the same users were unwittingly part of a DDoS attack. After the issue raised eyebrows in the community, the Exodus developer rolled back the malicious code and retired.

Millions of people use Kodi as their main source of entertainment, often with help from add-ons that allow them to access pirated movies and TV-shows.
One of the most popular addons is Exodus. The software is maintained by “Lambda,” who’s one of the most prolific developers in the community.
Exodus is widely praised as one of the most useful addons to access streaming video, including pirated movies and TV-shows. This prominent position also brings along quite a few adversaries, which recently led to an unusual situation.
Due to the controversial nature of his work, Lambda has always preferred to remain anonymous. However, he was recently confronted with some people who copied his work and/or threatened to expose his real identity. But instead of backing down, he launched an attack.
Roughly a week ago several lines of code were added to the Exodus plugin, which contacted external sites. While this is nothing new for Kodi addons, in this case the lines in question were targeting resources of Lambda’s adversaries.
Soon after people started to notice, complaints started rolling in accusing Exodus of creating a DDoS “botnet.” The Ares Blog mentioned the issue and a lively discussion started in the TV Addons forum, where the developer himself joined in defending his actions.
The offending code

Lambda says that he added the code as a countermeasure against people who he believes are trying to do harm or get him in legal trouble. The users themselves are not harmed by the code since they are simply trying to access another web source, he adds.
“Like I said they try to find my identity and give me legal trouble. I have no choice but to protect myself. If this won’t help me to defend myself I will retire from all these and focus on my legal addons,” the developer notes.
While some people sympathized with the move, Lambda eventually decided to make the “protection” feature optional. Still, that didn’t satisfy everyone and soon after the developer decided to throw in the towel and retire.
“I just couldn’t deal with all this stress anymore, I made bad decisions that I shouldn’t take and I am sorry about that,” Lambda explains in a formal apology.
“I think this is the time for me to leave, this whole thing is changing me as a person, so it’s time for me to take care of myself and leave this scene once and for all,” he adds.
TorrentFreak reached out to TV Addons repository which offers the Exodus addon, and they told us that the malicious code is no longer present. They are very unhappy with the incident and say they did their best to resolve the matter as swiftly as possible.
“The actions taken were inexcusable,” TV Addons’ Eleazar informed us. When they found out about the code, the developer’s repository was locked and they stress that “this situation is not being taken lightly.”
TV Addons has previously published a malicious code policy and says it takes an active stance against this type of abuse. As such, the team has taken it upon themselves to continue the development of Exodus, with Lambda’s approval.
“Moving forward, his addons will be maintained by another member of our team. TV ADDONS stands for the end user first, integrity is of our utmost concern,” Eleazar notes.
As for Lambda himself, he plans to continue his work on other projects.
“I want to thank everybody who stood by me all these years. It’s time for me to move on and I hope the team to take over my beloved addon. Take care everybody,” he concludes.

Quelle:https://torrentfreak.com/popular-kodi-a…-botnet-170203/