Amazon Fixes Flaw on Kindle That Could’ve Allowed Hackers Steal Billing Data

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


Amazon was informed about the flaw back in April.

Amazon was informed about the flaw back in April.

A report notes Amazon Kindle e-reader could’ve be vulnerable to hacking through free e-books. Additionally, Kindle exploitation could be an easy operation for hackers to target specific audiences.

  • News18.com
  • Last Updated:August 10, 2021, 11:21 IST
  • FOLLOW US ON:

Amazon Kindle remains a popular choice for e-book readers, but its popularity also opens doors for security risks. That’s exactly what security research firm Check Point demonstrated in its latest report that notes Kindle e-reader could’ve be vulnerable to hacking through free e-books. The company states that a malicious book can be published and made available for free on e-libraries, including the Kindle Store, via the “self-publishing” service. These books can often reach end-users directly from the hacker in the guise of services from Amazon. If successfully installed, malware-laden e-books can expose information, billing accounts, and so. Even stolen email IDs can pave the way for sophisticated phishing attacks.

Check Point further claims that anti-viruses do not have signatures for e-books, which essentially means these applications may not detect the malware. The company adds that it successfully uploaded the malware to highlight the vulnerability. In a release, it is said that Kindle exploitation could be an easy operation for hackers to target specific audiences. This was possible by targeting books popular in a particular region. “To use a random example, if a threat actor wanted to target Romanian citizens, all they would need to do is publish some free and popular e-book in the Romanian language.” Speaking more over the possibility of a breach, the company notes that understanding Kindle’s architecture, which uses Linux codes at its core, helped them successfully hack their own e-reader.

Check Point demonstrated how an e-book could function as malware to Amazon back in February, and the issue is seemingly patched. Amazon addressed the vulnerability via an OTA update 5.13.5 version in April 2021. To check the version manually, from Home > Select Menu > Settings. You will see the current software version at the bottom of the screen. To manually update, using a…

Source…