Beware of Kindle books infested with Malware


The Kindle is easily among the lesser attractive targets when it comes to hacking. However, it could still be worthwhile to ensure the highest levels of security to the device considering that it contains such information as your Amazon account details as well as billing info, and in the wrong hands, these could lead to disastrous consequences.

Fortunately, anything of that sort has been averted, or so it seems. A flaw of this magnitude did exist in present-day Kindle eReader devices that have been detected by the Israeli security firm, Check Point Research. It revealed its findings at the hacker and cybersecurity convention, DEF CON. Amazon responded with a patch via Kindle firmware update 5.13.5 that plugged the hole. So, anyone who might not have connected their Kindle to the internet in a while has a strong reason to do so now.

As for the modus operandi, it couldn’t have been simpler than this. All that could have led to your Kindle being hacked was download malware that is in the guise of an eBook. Just opening the eBook would hand over the control of the Kindle to the hackers, who will now have complete control over your device without you even being aware of it.

The damage is done in the few seconds that the device needs to process the eBook before displaying it on the screen. A code will be running in the background that would make the Kindle be remotely operable by the hackers. Your Kindle could also be used as a launchpad for attacking other devices in the local network.

Does downloading eBooks from the Kindle Store could have posed a risk? Less likely but no way it can be guaranteed. After all, there is no dearth of self-published authors uploading their content on the Kindle Store regularly. Plus, we often tend to side-load eBooks which too could have been another source of malware-infested eBooks making their way to the Kindle.

Source…