LONDON (IT BOLTWISE) – A new vulnerability in Kindle devices allows hackers to gain access to Amazon accounts by sideloading e-books. This vulnerability could have far-reaching consequences for user security.
Today’s daily deals at Amazon! ˗ˋˏ$ˎˊ˗
The world of e-readers has long been considered a safe haven in the digital landscape, but a new vulnerability in Kindle devices is challenging that assumption. According to a report, Valentino Ricotta, an engineer at Thales, developed a method to gain access to an Amazon account by sideloading a malicious e-book. This vulnerability could allow attackers to access personal and credit card information or even infiltrate the user’s local network.
Many Kindle users download books from third-party websites and transfer them to their devices via USB. This practice carries the risk of malicious content reaching the device even without an internet connection. Ricotta informed Amazon of the discovered vulnerabilities, which were classified as critical and immediately remedied. For his discovery, he received a bug bounty of $20,000, which Thales donated to a charity.
Although Amazon has fixed the reported vulnerabilities, there are reports of additional undetected methods that could lead to a complete account takeover. One of these methods involves a vulnerability in the Kindle’s on-screen keyboard that allows the user’s Amazon session cookies to be stolen. These cookies are crucial for account access and could be misused by hackers.
The discovery of these security vulnerabilities highlights the need to remain vigilant even with supposedly secure devices such as e-readers. Users should be careful about which sources they use to download eBooks and ensure that their devices are always up to date. The vulnerability shows that even specialized devices are not immune to cyberattacks and that ongoing security audits are essential.
Order an Amazon credit card without an annual fee with a credit limit of 2,000 euros!
Bestseller No. 1 ᵃ⤻ᶻ “KI Gadgets”
Bestseller No. 2 ᵃ⤻ᶻ «KI Gadgets»
Bestseller No. 3 ᵃ⤻ᶻ “KI Gadgets”
Bestseller No. 4 ᵃ⤻ᶻ “KI Gadgets”
Bestseller No. 5 ᵃ⤻ᶻ “KI Gadgets”
Please send any additions and information to the editorial team by email to de-info[at]it-boltwise.de. Since we cannot rule out AI hallucinations, which rarely occur with AI-generated news and content, we ask you to contact us via email and inform us in the event of false statements or misinformation. Please don’t forget to include the article headline in the email: “Security vulnerability in Kindle devices: e-books as a gateway for hackers”.