Close

Results 1 to 4 of 4
  1. #1
    DF VIP Member Bald Bouncer's Avatar
    Join Date
    Jun 2001
    Location
    UK
    Posts
    9,770
    Thanks
    4,161
    Thanked:        5,595
    Karma Level
    1131

    Default Exodus DDOS Attack Bot

    Its recently come to light that a very well known add-on is ddos’ing a site, the Exodus botnet! OK I will explain very quickly what these terms mean. DDOS is a “distributed denial of service” attack, this is a means to bring down or overwhelm a server with too many requests. This is effected by uploading or infecting many devices with such code to send the requests. The code and the devices are referred to as a botnet. The devices can be phones, pcs and increasingly any “computerised device”, such as Android boxes common to Kodi users.

    Malicious Intent?

    I think it should be stated immediately, this is neither a virus nor carries malicious code for any users. There is no need to panic or start factory resetting everything in sight. The discovered code intentions are to bring down a copycat add-on, the ethics of which I will go into further after I show you the proof. If you continue to use Exodus you do so in the knowledge that you are part of the attack network.

    Exodus Botnet



    There are claims almost weekly of malicious intentions, “virus” installs on devices, add-ons stealing data etc, etc. However very rarely does anyone have any actual proof, cold hard lines of code and network analysis to back it up.

    I do.

    The image above shows the Exodus botnet in action, calling the urls repeatedly. You can see some of them fail, as you might expect, the server has been overwhelmed. I will how you the code thats generating the above calls, 30 to one site and 40 to another in very quick succession.

    The “Attack” Code



    I have posted the above image to show this in context, so any other people who can read code can verify this isn’t some click-bait gambit on my part. The image below shows the lines very clearly generating the attack.



    So we can clearly see this code has been added to specifically target the rmkodi shop urls and the github address for an add-on zip download.

    The Ethical Dilema

    The Exodus botnet will be no doubt create, much beating of drums and trolls across social media with this news. I want to be very clear, there is no malicious intent towards users, this attack is focused on two specific urls. There are other questions to be asked here. To use this method of protest, or to remove something to which you object, is illegal in the US & UK. In addition Lambda is a member of TV Addons, who as an organisation not long ago, threatened any coders on “their books” with expulsion for adding code that removed a certain “copy n paste add-on”. So what will TVA do with Lambda now? He is a massive contributor to the Kodi community with THE most popular add-on ever, if he is expelled from TVA, what becomes of Exodus?

    The Consequences

    My personal view is that in adding this code, which is easy to find and copy, Lambda has inadvertently passed a very efficient piece of ddos coding to every wannabe site killer in Kodi land. You know this will be cut-n-pasted by those that always seek to bring drama to the scene. You can expect an upsurge in DDOS activity in future.

    Is Lambda justified in taking this action? If it was a simple case of protecting your work, I would say yes. It is ethically wrong to simply take someone else’s many years of work, change the badges and push it out as your own. I day this because Lambda has never taken donations, ever to my knowledge, so what he gives, he gives freely in the truest spirit of open source community. Whenever something is copied, it always leads to a money trail, either direct payments or via donations.

    What Should You Do Now?

    The choice is yours, if you support Lambda and his protest, carry on as before. I have stated repeatedly there is no malicious threat to any Exodus users, this is a targeted attack on two specific sites. If you object to this Exodus botnet activity in your name, you can simply uninstall Exodus and use one of the many other add-ons. You could of course simply amend your local code and turn off auto updates to preserve your modifications.

    Thanks to the dev(s) for bringing this to our attention – I will happily add their names with permission to do so.

    Source Ares Project

    ------------------------------------------------------------------------------------------------------------------------------

    Can't say I would condemn him/them for doing it, I would have just hidden it better
    Last edited by Bald Bouncer; 2nd February 2017 at 03:21 PM.

    8 Thanks given to Bald Bouncer

    cassy34 (2nd February 2017),  DavidF (2nd February 2017),  DJ OD (2nd February 2017),  Ganty (3rd February 2017),  moonrat (2nd February 2017),  Mystical_2K (2nd February 2017),  Northernbloke (2nd February 2017),  Over Carl (2nd February 2017)  


  2. #2
    DF VIP Member DavidF's Avatar
    Join Date
    Apr 2005
    Location
    GLASGOW
    Posts
    994
    Thanks
    389
    Thanked:        743
    Karma Level
    312

    Default Re: Exodus DDOS Attack Bot

    This code is making web calls to a site, like all addons do, web calls to sites.
    I care about original playlisters that got attacked some days ago by a group called themselves anonymous.
    These calls are for giving trouble to their circle and their friends.
    Nice try though

    Are you going to defend even anonymous group now?
    How low are you going to go?
    I don't say it's a good thing lol, but they wouldn't have less trouble from primewire lol
    What we miss as addon devs is that we in reality ddos attacking the sites we scrape, it depends on the number of users an addon has, an addon with many users is in reality doing this.
    And I wouldn't if they didn't try to expose my real identity and give me legal trouble.
    Lambada's response. Taken from TV Addons forums.

  3. #3
    DF VIP Member DJ OD's Avatar
    Join Date
    Jul 2001
    Location
    On da decks.
    Posts
    10,114
    Thanks
    1,008
    Thanked:        2,254
    Karma Level
    1103

    Default Re: Exodus DDOS Attack Bot

    Interesting.

    Bloody Kodi app devs think they are mutts nutts. So much fkin drama.


    DJ OD

  4. #4
    DF VIP Member DavidF's Avatar
    Join Date
    Apr 2005
    Location
    GLASGOW
    Posts
    994
    Thanks
    389
    Thanked:        743
    Karma Level
    312

    Default Re: Exodus DDOS Attack Bot

    Lambada has now quit - He has released another full statement
    I am developing this addon for many years, it's the continuation of Genesis.
    All these years this community was a nice place to be a part of.

    I didn't wake up one day, after all these years and told myself, let's try to add some calls to a specific site.
    It was a bad desicion I made after all this time and the stessful months I had, and I am sorry about that.
    As long you follow the GPL license and don't remove Exodus credits from it I never had any problem.

    Unfortunately all these months I've seen add-ons taking my code and removing the credits from it, like it's their playground. I do understand that we are talking about addons that help on copyright infringement, but this is something I couldn't tolerate anymore.
    Also lately I've seen some weird private messages from specific people threating me on presonal level.
    Most of them are on social media right now talking about how evil I am.

    I just couldn't deal with all this stress anymore, I made bad desicions that I shouldn't take and I am sorry about that.
    I think this is the time for me too leave, this whole thing is changing me as a person, so it's time for me to take care of myself and leave this scene once and for all.

    I want to thank everybody who stood by me all these years.
    It's time for me to move on and I hope the team to take over my beloved addon.
    Take care everybody

    2 Thanks given to DavidF

    Bald Bouncer (3rd February 2017),  Ganty (3rd February 2017)  


Similar Threads

  1. [DVD] attack of the clones
    By zx81 in forum Cheapskates Corner
    Replies: 13
    Last Post: 19th November 2002, 11:13 AM
  2. Internet Backbone DDoS Attack
    By Ground_0 in forum The Dog and Duck
    Replies: 4
    Last Post: 25th October 2002, 05:58 AM
  3. via2 bf attack
    By luigi39 in forum Forum Suggestions & Feedback
    Replies: 4
    Last Post: 6th October 2002, 08:31 PM
  4. terrorist attack in yemen ???
    By 4me2 in forum The Dog and Duck
    Replies: 0
    Last Post: 6th October 2002, 07:05 PM
  5. FRONTLINE.ATTACK.WAR.OVER.EUROPE-DEViANCE
    By Strider9 in forum PC Gaming
    Replies: 27
    Last Post: 25th September 2002, 01:11 AM

Social Networking Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •