Researchers from Dark Wolfe Consulting, a cybersecurity consulting firm and the Digital Citizens Alliance (“DCA”), which is a consumer focused group dedicated to making the internet safer have analyzed six pirated streaming devices using the Kodi platform and found that they are rigged with malware and open doors for malware entry.
Kodi devices are sometimes called “Kodi boxes” or “jailbroken Fire TV Sticks” and look like legitimate streaming devices, and are cheap in comparison to Apple TV or Roku. The price users pay upfront gives them access to illegally provided content. Researchers equate the use of one of these devices to letting a “Trojan horse in through the front door” for the following reasons:
- these devices allow hackers to bypass the security of home network router firewalls.
- normal security features and precautions are either not available or not in use to accommodate the illegal streaming of content.
- users often have to turn over full admin access, which includes access to the device’s memory, location history and other security features.
- malware can be used to snare devices into a botnet for use in cyber attacks or cryptocurrency mining.
- sensitive information stored on devices, such as credit cards, passwords and photos are vulnerable to exploit.