Terrarium TV user’s data at risk as Kodi repositories are found delivering malware

It’s not been a good week for online streamers. First, the developer of the popular Terrarium TV streaming app announced that it was shutting down for good. This was followed by a series of alarming notifications to users suggesting they were at risk.

Then, on top of the Terrarium TV case, Kodi users were also warning that they could have been infected with cryptomining malware.

The demise of Terrarium TV

Terrarium TV has been a big player in the online streaming world for a number of years now. It made use of video files from file-hosting sites to offer a huge range of content on-demand and over time rose to be a serious competitor to the likes of Popcorn Time and Showbox.

But, all of a sudden, last week, Terrarium TV was no more. In a surprise announcement, developer NitroXenon confirmed that he was shutting the app down for good. In a notification pushed out to Terrarium TV users, he confirmed that the service was shutting down for good as he wanted to work on other projects.

When pushed for a reason why by the TorrentFreak website, he was rather unnervingly evasive about his reasons. The assumption many reached was that he had been put under legal pressure to scrap the site, but he refused to confirm this.

Alarming notifications

However, if existing Terrarium TV users were nervous before, notifications they received over the weekend will have caused real alarm.

First, they were warned to “Uninstall immediately! Your IP address and location are being tracked!” This was followed up by another which said, “We can’t guarantee that details won’t be shared upon request.”

Panic has inevitably ensued as people frantically deleted the app and speculated about why such notifications might be pushed out.

When asked by TorrentFreak, developer NitroXenon said little to reassure. “I’m just telling the truth… Almost every app tracks user’s IP [addresses]. And if I must [hand] the info to authorities then I’ll do it.”

He failed to elaborate on this statement leaving many people to assume that he has indeed come under legal pressure. Whether he has retained details of users IP Addresses, continues to log these, and will hand them over to authorities, cannot be known.

What this case does illustrate all too clearly is why it is so important for anyone streaming content online to use a VPN to protect their identity.

Terrarium TV was not a particularly intrusive app. But it did still have permission to track users’ locations. And most users will have been aware that Terrarium TV did make copyrighted content available. It doesn’t take much to join the dots and realise there was a risk involved in using it.

However, if you used a VPN like ExpressVPN or IPVanish whenever you streamed anything on Terrarium TV, you have nothing to worry about.

Because a VPN encrypts all of your online data and obfuscates your own IP Address, Terrarium TV will have no record of your actual location. This means that regardless of what legal pressure the developer might be under, there is no direct risk of repercussions for you.

Kodi repositories pushing out cryptomining malware

Meanwhile, if you stream your media on Kodi, you could be at risk of a different nature. Recent reports from cyber-security company ESET have shown that at least three unofficial Kodi repositories appear to have been compromised.

Researchers have been looking at the code for three of these repositories Bubbles, Gaia, and XvBMC. They found malicious code hidden in some addons contained in all of them.

When these addons were downloaded, the malicious code would trigger the download of a second unofficial addon. This addon would be able to access details of the users operating system and had the ability to download separate cryptomining malware, which mined for Monero, at a later date.

All of these repositories are currently offline after receiving copyright notifications. But should any of them return, users need to be extremely wary of using them.

The security analysts report that there have been around 4,700 victims of this malware, most of whom were located in the UK, Netherlands, USA, Greece, and Israel.

If you think you could have been infected, the best advice is to download the latest version of an anti-virus programme and run it on your system to see if the malware is present.

This is not the first time that Kodi addons have been used as a tool to deliver malware and it almost certainly won’t be the last. Users should always look into a download before clicking go to try to try and establish its legitimacy and to read other users’ feedback.

And as with streaming services like Terrarium TV, they should always use a VPN whenever downloading or streaming on unofficial Kodi addons.

For more advice on this, read our guide to the Best VPN for Kodi 2018.

Leave a Reply

Your e-mail address will not be published. Required fields are marked *