Check Point security researchers are currently reporting a dangerous vulnerability in the popular Amazon Kindle reader. According to them, the team was able to develop a proof of concept for a malicious e-book. Once opened, it can run hidden code on the Amazon Kindle with root privileges. As a result, an attacker can easily take over the device and the user’s connected Amazon account. Check Point presented its results at “Def Con” in Las Vegas. Check Point researcher Slava Makkaveev posted the results on the blog on Friday.
Check Point Research (CPR) analysed the security vulnerabilities and proved that an e-book could have been used as malware against the Kindle. According to the company, this has many possible consequences. For example, an attacker could delete the user’s e-books. An attacker could also turn the Kindle into a malicious bot that attacks other devices on the user’s local network. CPR reports:
“The popular reading device for e-books can be taken over by a very simple hack. As a result, if the user has not set up two-factor authentication, the attackers can even capture the entire Amazon account.”
Amazon Kindle: Attack by download using e-book as malware
In a conceivable attack scenario, such an e-book could be published through the “self-publishing” service in any virtual library, including the Kindle Store, and made freely available, or sent directly to the device through Amazon’s “Send to Kindle” service. The attack starts with a tampered e-book: the hackers hide their malware, or “payload”, in it and offer it for download.
In this case, the malicious book is an e-book in PDF format, one of the many formats the Amazon Kindle can process. A memory bug in this processing allows arbitrary code to be executed when the e-book is opened. A second security vulnerability then lets that code run on the device with root privileges.
The exploit chain begins as soon as the e-book is opened. The hidden code is then executed with root privileges. From this point on, the user can assume they have lost control of the e-reader, warns Slava Makkaveev. According to the Check Point security researcher, such malware goes undetected by antivirus programs because they do not have signatures for e-books.
“Accidentally executes malicious command lines that can damage the Kindle device and lock the user’s screen whenever anyone presses it.”
Two-factor authentication provides protection against attack
From then on, attackers have full access to the device and can use it to capture the linked Amazon account. Only two-factor authentication helps against the latter. Yaniv Balmas, Head of Cyber Research at Check Point, explains to Forbes:
“We have detected some vulnerabilities in the Kindle, which allow an attacker to take full control of the device.”
Security researchers provide information on their approach in a video:
Targeting specific populations
For example, if a threat actor wants to target a specific group of people or population, they can easily pick a popular e-book in the appropriate language or dialect to plan a targeted cyber attack. Yaniv Balmas describes:
“What worries us the most in this case is the specific status of the victim. Since these are books, the language and content of the contaminated counterfeit material is used to select victims well, for example according to their appearance or age. The vulnerability helps the attacker to target a specific audience.”
To give an arbitrary example: if an attacker wants to target Romanian citizens, all he has to do is publish a free copy of an e-book popular in Romanian. The hacker can then be sure that all of his victims are actually Romanians. Attacks of this kind are particularly popular in the world of cybercrime and cyber espionage.
Amazon already informed in February: Amazon closes security hole with Kindle update
Check Point reported its results to Amazon as early as February 2021. Amazon then closed the gap in version 5.13.5 of the Kindle firmware, released in April 2021. The patched firmware is installed automatically on devices connected to the Internet. So far, there is no indication that hackers are already exploiting these security vulnerabilities in the wild.
Yaniv Balmas summarizes:
“Amazon Kindle devices, like other IoT devices, are often seen as vulnerable and security vulnerabilities are being ignored.”