Amazon took down the KindleDrip bug, which allows hackers to gain control over your device and steal your bank details.
Hackers can’t resist hackers, and their latest data-stealing strategy is to hide in your ebook reader. Check Poin Software in Israel, a specialist in cybersecurity, discovered a vulnerability in Amazon’s Kindle devices. The flaw was activated by a malicious ebook.
Hackers found ways to hack Kindle users using their own features. With this they can take control of the device, delete the user’s ebook library, make purchases or turn Kindle into a malicious ‘bot’, which would allow it to attack other devices on the user’s local network, reports EuropaPress . The real threat is the possibility that the device can take the bank and Amazon credentials of the user.
Kindles are sometimes considered to be ” safe“, but they can also present risks for the user’s online security.
” These security flaws allow targeting a very targeted audience,” stated Eusebio Nieva (Technical Director at Check Point Software in Spain and Portugal). A random example would be that a cybercriminal could target Romanian citizens by publishing a popular and free e-book written in Romanian.
What is the mechanism by which the virus hacks Kindle?
Amazon Kindle features an important feature, Send to Kindle’. This allows you to easily send web pages, documents and books to your Kindle with one click. The extension is for Google Chrome. This allows you to send a webpage and then read it on your Kindle more comfortably. This feature turned out to be a security hole, Realmode Labs discovered.
– Entrepreneur in Spanish (@SoyEntrepreneur)August 4, 2021
Hackers can also access the Kindle system by obtaining malware-laden ebooks or documents. These can be found in virtually any library, and even given as a free gift.
The malware takes control of the computer by opening the downloaded document and executes the code. It can also make unauthorized purchases or steal their bank information.
It hides between the title of the Kindle store, which allows any user to self-publish material. This is a dangerous feature that can make it even more hazardous. According to the company, hackers used this feature in order to infect several Kindle.
What has Amazon done to safeguard Kindle users?
While it’s news today, the vulnerability KindleDrip was not new. Check Point Research alerted Amazon about this vulnerability last February. The company promised to fix it.
In April, Kindle installed a firmware upgrade on all devices to fix this bug. The patch to fix the vulnerability was included in Version 5.13.5. It was distributed to all computers that were connected to the internet. However, it is possible for the device to not be activated if there are no Kindle connections to constant WiFi signals.
Publiated at Mon, 9 Aug 2021 23:37:03 +0000