[ DONATE TO RMN ] [ Return to Main Page ] [ Read Prev Article ] [ Read Next Article ] [ CGI Media News Room ] [ SUBSCRIBE TO RMN ]

RMN is Reader Supported

Our Goal for
SEP 6 - OCT 5:
$1500

Powered by FundRazr

Click Widget
or Click Here to contribute.

Checks & Money Orders:

Raye Allan Smith
P.O. Box 95
Ashtabula, OH 44005


Users Online:
114

Who Founded RMNews?


Dewitt Jones' Video
"Celebrate What's Right
With The World"


"When the
Starships Fly!"

Listen at YouTube


The Theme for The Obergon Chronicles

Listen at YouTube


The Obergon Chronicles ebook


RUMOR MILL
NEWS RADIO


CGI ROOM
Common Ground
Independent Media


WHAT ARE
THE FACTIONS?


THE AMAZING
RAYELAN ALLAN


BIORHYTHMS

LOTTO PICKS

OTHER WAYS TO DONATE





RUMOR MILL NEWS AGENTS WHO'VE BEEN INTERVIEWED ON RUMOR MILL NEWS RADIO

______________

NOVEMBER 2008

Kevin Courtois - Kcbjedi
______________

Dr Robin Falkov

______________

Melinda Pillsbury Hr1

Melinda Pillsbury Hr2

______________

Daneen Peterson

______________

Daneen Peterson

______________

Disclosure Hr1

Disclosure Hr2
______________

Scribe
______________

in_PHI_nitti
______________

Jasmine Hr1
Jasmine Hr2
______________

Tom Chittum Hr1
Tom Chittum Hr2
______________

Kevin Courtois
______________

Dr Syberlux
______________

Gary Larrabee Hr1
Gary Larrabee Hr2
______________

Kevin Courtois
______________

Pravdaseeker Hr1
Pravdaseeker Hr2
______________

DECEMBER 2008

Tom Chittum
______________

Crystal River
______________

Stewart Swerdlow Hr1
Stewart Swerdlow Hr2
______________

Janet Swerdlow Hr1
Janet Swerdlow Hr2
______________

Dr. Robin Falkov Hr1
Dr. Robin Falkov Hr2
Dr. Robin Falkov Hr3

JANUARY 2009 ______________

Patriotlad
______________

Patriotlad
______________

Crystal River
______________

Patriotlad
______________

Dr. Robin Falcov
______________

Patriotlad

FEBRUARY 2009

Find UFOs, The Apocalypse, New World Order, Political Analysis,
Alternative Health, Armageddon, Conspiracies, Prophecies, Spirituality,
Home Schooling, Home Mortgages and more, in:

The Rumor Mill News Reading Room

Security Flaw Allowed Attackers to Take over Amazon Kindles, Turn Them Into Bots, Steal Personal Info, and More

Posted By: RumorMail
Date: Tuesday, 10-Aug-2021 11:52:29
www.rumormill.news/179222

Amazon Kindle Vulnerable to Malicious EBooks

Prior to a patch, a serious bug could have allowed attackers to take over Kindles and steal personal data.

A security flaw in Amazon’s Kindle e-reader made it vulnerable to malicious eBooks, opening the door to turning the devices into bots, compromising personal information and more.

That’s according to Check Point researcher Slava Makkaeveev, who released the findings Friday. Check Point disclosed the bug to Amazon in February, and it was fixed in April; Amazon released patched firmware to be automatically installed on every Kindle connected to the internet. It’s unclear if the bug was exploited prior to the patch, but crisis appears to have been averted: Any serious attack could have affected tens of millions of Kindle users across the globe.

The Check Point research demonstrates how easily an eBook can be used to deliver malware.

“Antivirus [protections] do not have signatures for eBooks,” Makkaeveev wrote in . “A malicious eBook can be published and made available for free access in any virtual library, including the Kindle Store, via the ‘self-publishing’ service, or sent directly to the end-user device via the Amazon ‘send to Kindle’ service.”

Anatomy of a Malicious EBook

The Check Point team was able to create a proof-of-concept malicious eBook that, once it was opened on a Kindle, would have executed a hidden code with root rights, the report explained.

“From this moment on, you can assume that you have lost control of your e-reader,” Makkaeveev warned.

If a victim clicked on the malicious eBook, it connected to a remote server and locked the user’s screen, Check Point explained. The malware developed by Check Point then gained root access, giving the attacker total control of the Kindle, including access to the user’s Amazon account, cookies and the device’s private keys.

Worse yet, the Kindle bug allowed threat actors to target victims by specific regions, languages and more.

Specific Demographics Easily Targeted

“In this case, what alarmed us the most was the degree of victim specificity that the exploitation could have [used],” Yaniv Balmas, head of cyber-research at Check Point, said.

Balmas offered the example of a threat actor interested in targeting Romanians: Simply re-printing a popular title translated into Romanian would be an easy way to gain access to victims.

“That degree of specificity in offensive attack capabilities is very sought-after in the cybercrime and cyber-espionage world,” Balmas told Threatpost. “In the wrong hands, those offensive capabilities could do some serious damage, which concerned us immensely.”

Earlier this year, Amazon paid threat-hunter Yogev Bar-On $18,000 as part of its bug-bounty program, for discovering KindleDrip. That vulnerability allowed attackers to email a malicious eBook to a victim Kindle device to gain root access to the device and steal money.

The Check Point research shows reinforces what a malicious eBook attack might look like: i.e., easy to execute. Balmas added the sheer ubiquity of Kindles in the market demand that its security be closely scrutinized.

“Kindle, like other internet of things (IoT) devices, are often thought of as innocuous and disregarded as security risks,” Balmas said. “Everyone should be aware of the cyber-risks in using anything connected to the computer, especially something as ubiquitous as Amazon’s Kindle.”

Read More




If you enjoyed this article,
Please consider a monthly subscription to Rumor Mill News!!


RMN is an RA production.

The only pay your RMN moderators receive
comes from ads.
Please consider putting RMN in
your ad blocker's whitelist.

Serving Truth and Freedom
Worldwide since 1996
 
Politically Incorrect News
Stranger than Fiction
Usually True!


Powered
by FundRazr
Click Widget
or Click Here to contribute.


Organic Sulfur 4 Health

^


AGENTS WEBPAGES

Provided free to RMN Agents

Organic Sulfur 4 Health

^


AGENTS WEBPAGES

Provided free to RMN Agents



[ DONATE TO RMN ] [ Return to Main Page ] [ Read Prev Article ] [ Read Next Article ] [ CGI Media News Room ] [ SUBSCRIBE TO RMN ]

The Rumor Mill News Reading Room is maintained by Forum Admin with WebBBS 5.12.