Prior to a patch, a critical bug could have allowed attackers to take in excess of Kindles and steal private facts.
A security flaw in Amazon’s Kindle e-reader built it susceptible to destructive eBooks, opening the doorway to turning the products into bots, compromising personal information and facts and much more.
That’s according to Examine Issue researcher Slava Makkaeveev, who launched the findings Friday. Look at Stage disclosed the bug to Amazon in February, and it was set in April Amazon released patched firmware to be automatically installed on just about every Kindle connected to the internet. It’s unclear if the bug was exploited prior to the patch, but disaster appears to have been averted: Any severe attack could have affected tens of thousands and thousands of Kindle end users across the world.
The Check out Point investigation demonstrates how quickly an Book can be used to deliver malware.
“Antivirus [protections] do not have signatures for eBooks,” Makkaeveev wrote in . “A destructive Book can be published and built available for cost-free access in any digital library, which include the Kindle Retailer, by means of the ‘self-publishing’ assistance, or sent directly to the end-consumer system through the Amazon ‘send to Kindle’ provider.”
Anatomy of a Destructive E-book
The Look at Stage staff was in a position to make a proof-of-concept destructive E-book that, at the time it was opened on a Kindle, would have executed a concealed code with root rights, the report described.
“From this minute on, you can suppose that you have dropped handle of your e-reader,” Makkaeveev warned.
If a sufferer clicked on the destructive Ebook, it linked to a remote server and locked the user’s display screen, Verify Place discussed. The malware created by Examine Level then acquired root access, giving the attacker whole command of the Kindle, like accessibility to the user’s Amazon account, cookies and the device’s private keys.
Even worse nonetheless, the Kindle bug authorized danger actors to goal victims by specific areas, languages and extra.
Certain Demographics Simply Targeted
“In this circumstance, what alarmed us the most was the degree of victim specificity that the exploitation could have [used],” Yaniv Balmas, head of cyber-investigate at Look at Issue, claimed.
Balmas offered the example of a threat actor fascinated in concentrating on Romanians: Merely re-printing a well-liked title translated into Romanian would be an easy way to obtain accessibility to victims.
“That diploma of specificity in offensive attack abilities is really sought-following in the cybercrime and cyber-espionage planet,” Balmas advised Threatpost. “In the incorrect hands, these offensive abilities could do some critical destruction, which involved us immensely.”
Before this yr, Amazon compensated danger-hunter Yogev Bar-On $18,000 as section of its bug-bounty method, for getting KindleDrip. That vulnerability permitted attackers to email a destructive E book to a victim Kindle device to obtain root access to the system and steal money.
The Check Level investigation reveals reinforces what a destructive E-book attack might appear like: i.e., quick to execute. Balmas included the sheer ubiquity of Kindles in the market demand that its security be intently scrutinized.
“Kindle, like other internet of factors (IoT) devices, are generally imagined of as innocuous and disregarded as security pitfalls,” Balmas said. “Everyone ought to be aware of the cyber-risks in utilizing just about anything linked to the pc, in particular something as ubiquitous as Amazon’s Kindle.”
Nervous about wherever the following attack is coming from? We’ve acquired your back again. REGISTER NOW for our impending dwell webinar, How to Imagine Like a Risk Actor, in partnership with Uptycs. Uncover out exactly wherever attackers are focusing on you and how to get there very first. Sign up for host Becky Bracken and Uptycs scientists Amit Malik and Ashwin Vamshi on Aug. 17 at 11AM EST for this LIVE discussion.
Some pieces of this article are sourced from: