"Amazon Kindle Security Flaws Could Have Let Hackers Hijack Your Device"
Security researchers at Check Point Research (CPR) found security flaws in Amazon Kindle, which were patched by the e-commerce giant in a recent Kindle firmware update. The exploitation of the security flaws could have allowed an attacker to obtain information stored on a user's Kindle device. According to the researchers, an attacker would need to send a malicious e-book to a victim in order to exploit the flaws in the e-reader. When the malicious e-book is delivered to the user's device, and the victim opens it, the exploit chain begins. No other interaction from the user is required. The researchers demonstrated the use of an e-book as malware on an Amazon Kindle that could allow an attacker to delete a user's e-book library or turn their device into a malicious bot. By converting the device into a malicious bot, attackers could target other devices on a user's local network. An attacker could also steal a Kindle's Amazon device token or other sensitive information on a user's e-reader through the exploitation of the security flaws. This article continues to discuss the potential exploitation and impact of security vulnerabilities found in Amazon Kindle.
TechRadar reports "Amazon Kindle Security Flaws Could Have Let Hackers Hijack Your Device"