When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Unsafe Kodi Addons – Here’s How Malicious Clones & Forks Can Wreak Havoc on Your System!

Last updated August 17, 2021
Written by:
Novak Bozovic
Novak Bozovic
Tech & VPN Content Specialist

When searching for Kodi-related information online, you'll encounter two types of information first. What you'll see will be articles related to piracy, as well as articles related to malware. This is why many believe Kodi to be a "black market" application, which is the reason for its notoriety.

However, on its own, Kodi has nothing to do with piracy or malware. Instead, this story begins with third-party addons. More precisely, this is where forks and clones of Kodi addons come into play, many of which have proven to be malicious in the past.

This has also forced Kodi's own team to warn against installing third-party repositories, which has become a problem affecting the global Kodi community.

So, are forks and clones of Kodi addons truly that dangerous? What kind of damage can they do to your system? And more importantly, is there a way to protect yourself? We'll answer all those questions, and then some more. So, make sure to keep on reading!

How Does Kodi Security Affect You? Why Should You Even Care?

Yes, you should definitely care about the potential dangers that Kodi brings - and here's why!

The "problem" with Kodi is that you can install and use this application on a really wide range of devices. After all, Kodi can run on your smartphone, computer, tablet, smart TV, gaming console, media streaming device, and more. And yes, we're talking about running Kodi natively on all those devices.

The second "problem" with Kodi is its open-source nature. You can install just about any Kodi addon from the Web without having to tinker with the application. However, this also means that Kodi comes without any protection systems in place. It's fully exposed to third-party content.

"Don’t blindly follow online tutorials, how-to guides, and YouTube videos that tell you to install whatever you can find. Most of them will just point you to some one-click install wizard that does strange things without you even understanding the possible implications." - Kodi's Development Team.

So, what does all that mean? Well, it means that you're on your own. Kodi's developers won't protect you or help you in case of piracy or a malware-related problem. Your device's manufacturer won't help you either. In other words, you'll be on your own.

How Do Malicious Addons Find Their Way to Kodi?

There are several methods through which malware can reach your Kodi, and therefore infect your system. As you can imagine, malicious actors are getting more creative over time, so we'll focus on previous events that have "exploited" Kodi in a known way.

Method #1: Purposeful Serving of Malicious Addons

As mentioned above, just about any addon can be downloaded from the Web. These add-ons come as ZIP files, which is how you install them on Kodi. Therefore, if you're not careful, you could easily encounter a malicious addon.

With that said, here's how the purposeful distribution of malicious addons happens.

  1. A malicious actor creates an addon, which is typically a fork of a popular addon.
  2. The addon gets distributed via a repository, which you can install on Kodi.
  3. Once you install a repository, you install the infected addon as well.
  4. As soon as you launch the addon, a malicious script gets executed.

As you can see, this method is made possible since Kodi provides no protection systems. There simply are no protective systems at any stage of this process.

You're free to download any file from the Web, and you can install that file on Kodi. And finally, you'll get to open that addon with no problems, as Kodi won't scan its code.

Method #2: Malware Distribution via Malicious Updates

An addon doesn't have to be malicious from the get-go. Instead, it can earn the trust of its users as it strives to reach global popularity. Once that happens, a malicious update is published, affecting local Kodi installations instantaneously.

So, here's how a malicious update can inject malware via Kodi.

  1. First, you download and install any Kodi addon. This could be a highly popular one as well.
  2. Then, a malicious actor publishes an update that now comes with malicious code.
  3. As soon as you launch Kodi, the application will automatically check for new updates. If there's a new version available, that update will automatically download and install.
  4. The next time you open the now malicious addon, it will run its malicious scripts.

This is precisely what happened with addon repositories like Bubbles and Gaia. In that case, the malware had a multi-stage architecture, which ultimately led to a cryptominer being installed on Windows and Linux machines.

Method #3: Malware Distribution via Expired Website Domains

And lastly, there's always a possibility that a previously benign domain expires, hosting the addon you've installed on your Kodi. If that domain gets in the hands of a malicious actor, this could inflict massive damage on your system.

Here's how malware can reach your Kodi via an expired website domain.

  1. First, you install any Kodi repository - done by inputting its URL. This means that once installed, that repository will become part of Kodi. The application will always return to it when checking for updates.
  2. As you know, domains (URLs) can expire over time. Once that happens, someone else can easily take over by renewing the expired domain.
  3. A malicious actor can use that domain to replicate the previously available repository. Kodi won't know the difference, and it will contact the domain when checking for updates.
  4. Malicious updates will easily reach Kodi and propagate throughout your system, leaving you and your personal data exposed.

This happens due to the lack of encryption and authentication in this process, as anti-virus vendors have discovered and explained in the past. Also, it was noted that this process doesn't take impressive skills to pull off, which is what's highly interesting here.

What Exactly Are Forkes & Clones of Kodi Addons?

Kodi Interface Showing Official Kodi Repository

In the world of software development, a fork is a copy of an application. This means someone can take a program's source and then use that code as a base for their project. However, for that to happen, a set of criteria needs to be met.

Kodi is a perfect example of how forks and clones work - because this application is open-source. This means Kodi's code can be used and edited by just about anyone. In other words, someone is free to take Kodi's code to create their own application by adding their own spin to things (this is considered legal and permitted, of course).

The same applies to Kodi addon forks and clones. Individual Kodi addons can found on GitHub, for example. This is how developers can collaborate and share their applications' code. As a result, creating a new addon is much faster and easier because a base is already built and ready.

To give you an example, we'll mention the Exodus Kodi addon. This was one of the most popular Kodi addons until a few months back, when it stopped being operational. However, its most popular fork (called Exodus Redux) is still out there and widely used across the world.

Then, we have the Covenant Kodi addon. If we compare it to addons like Yoda, Tempest, and Venom (all of which are highly popular), we'll see that they look the same. That's because they share the same core code, which means that we're talking about forks and clones here.

Aside from forks and clones of Kodi addons, we also have several Kodi's forks. Those applications are based on Kodi, adding their own spin to their core concept.

One of the most popular examples here is SPMC (Semper Media Center), which has been under active development for several years. However, SPMC is no longer available. Another good example of a Kodi fork would be MrMC.

Why Are Forks & Clones of Kodi Addons Dangerous?

Forks and clones of Kodi addons are dangerous because of their unpredictable nature. And also, because forks present an easy way for malicious actors to quick-start their "projects."

To illustrate this with an example, we'll once again mention Exodus for Kodi.

At the moment, this addon isn't under active development, and some of its functionality is broken (and that's why you should uninstall this addon). However, the fact is that Exodus has been one of the most popular addons for many years now and it remains installed on many systems.

Keep in Mind: MPAA & ACE Expanding Their Efforts on Fighting Kodi-Related Piracy

Therefore, the current situation with Exodus will force many Kodi users to look for alternatives. That means that we'll probably see a whole range of new Exodus forks appear online, promising to help you stream movies and TV shows in a way you've been doing for so many years now.

However, how do you know which addons to trust? How to know which Exodus forks are safe and which ones aren't exploiting the current situation? There's really no way of knowing, and you might find yourself in plenty of trouble before you know it.

Keep in mind that unofficial Kodi addons are highly unreliable. And most importantly, many of them stop working overnight. While some developers give up on their own, others are forced to quit once they appear on anti-piracy agencies' radars.

This is precisely what had happened with the Shadow Kodi addon. And earlier, this was why repositories like OneNation, KodiUKTV, and Supremacy stop working - along with a large list of previously popular addons.

What Can You Do to Protect Yourself While Using Kodi?

There are several ways to protect yourself. Based on our years-long experience of dealing with Kodi, we recommend taking the following actions:

  1. Make sure that you're using a suitable VPN for Kodi.
  2. Try to avoid unofficial Kodi addons (including forks and clones) altogether.
  3. Rely on third-party solutions for anti-malware protection.

Not sure which VPN to use? Well, know that we've tested more than sixty VPNs so far. Based on our findings, your best option right now is ExpressVPN. To check some of the best alternatives, here's our list of the best VPNs for Kodi.

Here's Why You Need to Use a VPN for Kodi

No matter why you're using Kodi, we highly recommend combining this application with a VPN service. There are numerous reasons why this is a good idea, so let's explain some of those:

Plenty could be said about VPN services, and we strongly recommend taking some time to learn about this technology. With that said, here are the basics of what you must know about VPN applications. Then, read about how VPNs work.

Once you're ready to dive into using VPNs on Kodi, you'll want to know how to combine these two types of software. So, we offer you our guide on how to install, set-up, and configure a VPN on Kodi.

Here's Why You Should Avoid Unofficial Kodi Addons

Then, we also recommend avoiding unofficial Kodi addons altogether. As you can see above, these come with plenty of risks that outweigh any potential benefits.

Just to be clear, when talking about unofficial Kodi addons, we're talking about those that come outside of Kodi's official repository. For example, those could be addons that you download from GitHub, or perhaps via ZIP files (from the Web).

And also, don't worry that you'll be left without any Kodi addons. Even if you turn only to Kodi's repository, you will still find hundreds of interesting options. To help you find those that are worth your time and effort, here's our overview of the best (legal and safe) Kodi addons.

Discover More Kodi Addons: MoviesLive TVLive SportsCartoonsAdult (XXX)TV ShowsGamingMusicAnimeDocumentariesKorean, and Bollywood.

Here's Why You Need a Third-Party Anti-Malware Protection

And lastly, we need to talk about anti-malware protection. As mentioned above, VPNs can help with this. However, nothing can replace a dedicated solution.

On certain platforms where Kodi is available, anti-virus software is also available. Even though this isn't the most complete protection in terms of Kodi (due to its architecture), an antimalware tool can greatly help reduce the risks associated with Kodi addons.

For additional recommendations, we've prepared a couple of handy resources. If you're willing to invest in anti-virus protection, check the best anti-virus software available right now. Even using a free anti-virus goes a long way - so these are the 5 best anti-virus applications in 2020.

There's a very useful Kodi addon (called SafeKodi) that scans your Kodi files - and has the potential to warn about risky add-ons. It comes free of charge, and it's made by reputable cybersecurity researchers. Therefore, we highly recommend it. So, make sure to read more about the SafeKodi addon.

Finally, that would be all you need to know about unsafe Kodi addons. We hope you're now aware of the dangers that Kodi addons (as well as their forks and clones) bring. If you have any questions, don't hesitate to post a comment below. And also, make sure to share this article online. Thanks!



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: