Amazon Kindle Security Flaw And eBooks with Malware

Your e-reader could’ve been compromised.

A security bug disclosed this past week would’ve allowed hackers to install devices with malware, giving them unauthorized access to Amazon accounts and other sensitive information. Once a malicious kindle book was opened, a user’s screen would be locked and an attacker would gain total control of the e-reader.

While this type of attack was a proof-of-concept created by Check Point researchers, the flaw in Kindle devices was open to exploitation until April of this year, after which a patch was released by Amazon. There’s no evidence to suggest a cyber attack occurred while the flaw existed, however it had the potential to affect millions of users worldwide.

While the cybersecurity nightmare was seemingly avoided, it’s important to know that eBooks that are self-published or made free for access, in any online library, can contain different types of malware. A researcher from Check Point notes that antivirus software is unable to protect against viruses contained within eBooks, so be sure to do your due diligence when downloading stories off of the web.

The reason this particular bug was so alarming to researchers was how specific the attacks could get. Attackers could target victims by their location and what languages they speak, making it a desirable flaw to exploit in the cybercrime world. Most people don’t think of e-readers as being a valuable threat vector, but anything that connects to the internet is fair game.

Remaining vigilant when interacting with any online device is paramount to maintaining your safety. Having security software in place is always a good start, but as we’ve seen in other cyber attacks, it’s not always enough to prevent an issue from occurring. People are the first line of defense when it comes to minimizing risk, as human error is often the cause of a breached infrastructure.