Logo

Logo

Hackers might exploit bug in Amazon Kindle, company issues fix

Kindle, like other IoT devices, are often thought of as innocuous and disregarded as security risks

Hackers might exploit bug in Amazon Kindle, company issues fix

A team of cyber-security researchers has discovered security flaws in popular e-reading device Amazon Kindle that might have led hackers to take full control of a Kindle device, opening a path to stealing information stored.

By tricking victims into opening a malicious e-book, a threat actor could have leveraged the flaws to target specific demographics and take full control of a Kindle device, according to a Check Point Research (CPR) team.

“By sending Kindle users a single malicious e-book, a threat actor could have stolen any information stored on the device, from Amazon account credentials to billing information,” said Yaniv Balmas, Head of Cyber Research at Check Point Software.

Advertisement

Kindle, like other IoT devices, are often thought of as innocuous and disregarded as security risks.

The exploitation involves sending a malicious e-book to a victim. Once the e-book is delivered, the victim simply needs to open it to start the exploit chain. No other indication or interactions are required on behalf of the victim to execute the exploitation. The team proved that an e-book could have been used as malware against Kindle, leading to a range of consequences.

Advertisement