Archive – Kindle Voyage ebook ereader ebook – AMAZON – Archive
MADRID, 6 Ago. . –
A vulnerability present in the Amazon Kindle e-reader has allowed cybercriminals to gain full control of a user’s device and access confidential information stored on it, by downloading a malicious ‘ebook’.
Check Point Research has identified a security flaw in Kindle devices that was activated with a malicious ‘ebook’, which the user could download from any virtual library, including the Kindle Store, through the ‘self-publishing’ service, or receive through Amazon’s ‘send to kindle’ service.
If the user opens the malicious ‘ebook’ on the Kindle, then the chain of ‘malware’ starts, with no further interaction required on their part. The company indicates that one of the consequences may be deleting a user’s e-books which the Kindle turned into a malicious ‘bot’, which would allow it to attack other devices on the user’s local network.
Likewise, and as the technical director of Check Point Software for Spain and Portugal, Eusebio Nieva, explains in a statement, a cybercriminal could take full control of the device and steal any stored information in it, from the credentials of the Amazon account to the banking information.
“The Kindle, like other IoT devices, are generally considered safe and are not considered as safety risks“points out Nieva, who defends that” everyone should be aware of the cyber risks involved in the use of any item connected to the computer, especially something as ubiquitous as the Amazon Kindle. “
Check Point informed Amazon of its findings in February this year, leading to the deployment of a fix to version 5.13.5 of the April 2021 Kindle ‘firmware’ update.. The patched ‘firmware’ is automatically installed on devices connected to the Internet.