T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360
AMAZON Kindles can become easy pickings for hackers who can wipe users’ books and collect privileged information by simply opening a single corrupt ebook, according to an Israeli cybersecurity company’s published report.
“Our research demonstrates that any electronic device, at the end of the day, is some form of computer,” wrote Yaniv Balmas, head of cyber research at the Israel-based cybersecurity company Check Point.
He said mobile devices are just as “vulnerable” to the same tradecraft used by black hats to attack stationary computers.
“Everyone should be aware of the cyber risks in using anything connected to the computer, especially something as ubiquitous as Amazon’s Kindle, he wrote according to the research published Friday for DEF CON security conference happening in Las Vegas and first reported by Forbes.
Balmas described how a remote hacker can furnish a malicious book into the Amazon marketplace and once opened, the crook can delete any of the titles stored on the device and get a hold of the authentication token that permits a user to access their Amazon account
“Equipped with these tokens the attacker would now be able to access the victim’s Amazon account and perform anything on his behalf,” Balmas added.
What’s more, the same hacker breaching the Kindle could use it as a launchpad to devise other ways to infiltrate devices connected to a network.
Balmas created a hypothetical hack by manufacturing a compromised ebook to showcase how once it’s opened on the Kindle he could overwrite parts of the operating system memory.
While he did that, Balmas also managed to detect another exploit where he could manipulate the root user rights,” meaning he could remotely control or alter the software, according to Forbes.
Amazon claims to have patched the bugs and also had confidence that users running their most recent Kindle software are immune to the hacks Balmas and his team discovered.
The company didn’t respond to Forbes’ request for comment.
If an attacker can discern…