If you came across a Kindle e-book download link from any suspicious sources or somewhere other than Amazon itself, check twice before you proceed download. As downloading an eBook could put your personal information at risk.
A security researcher has uncovered a security hole in Amazon's Kindle Library that could lead to cross-site scripting (XSS) attacks and account compromises when you upload a malicious ebook.
AMAZON CREDENTIALS – BOON FOR HACKERS
The flaw affects the "Manage Your Content and Devices" and "Manage your Kindle" services in Amazon's web-based Kindle Library, which could allow a hacker to inject and hide malicious lines of code into into e-book metadata, such as the title text of an eBook, in order to compromise the security of your Amazon account.
Gaining access to your Amazon account credentials is one of the biggest boons for hackers, as they can set-up new credit cards in your account or max out the current ones on file with some big Amazon purchases. Additionally, they could compromise your other online accounts with the help of those credentials and personal information contained in your Amazon account.
FLAW WAS FIXED AND RE-INTRODUCED AGAIN
The vulnerability, which could be exploited when a user downloads a malicious e-book, was originally discovered by German security researcher Benjamin Daniel Mussler in October last year and was subsequently fixed by the retail giant in December.
However, the flaw was re-introduced after an update to the Manage Your Kindle page, and has been active since at least July this year, despite being reported by Mr Mussler to Amazon's security team. After hearing no reply from the company for several months, he decided to go public with the flaw. And at the time of writing, Amazon's Kindle Library is vulnerable to Cross-Site Scripting (XSS) attacks, according to Mr Mussler.
Amazon's "Send to Kindle" plugin for Windows and Mac helps users to send their personal documents to their Kindle devices, including ebook files obtained from other sources as well. You can archive these documents in your Kindle Library on the cloud to easily zap them to all your Kindles at any time.
ATTACK SCENARIO
Mr Mussler continued that once a hacker manages to load your Kindle Library with a corrupted e-book, (typically with a title like ), the account cookies can be accessed by and transferred to the attacker. As a result, your Amazon account can be compromised, which could potentially expose users' personal addresses, payment details and order history as well.
"Malicious code can be injected via ebook metadata; for example, an ebook's title," wrote Mr Mussler on his personal blog, adding that "the code will be executed as soon as the victim opens the Kindle Library web page. As a result, Amazon account cookies can be accessed by and transferred to the attacker and the victim's Amazon account can be compromised."
PROOF OF CONCEPT ATTACK CODE
According to Mr Mussler, Amazon used his proof of concept attack code during its testing of the Manage your Kindle page and was surprised that an oversight suggests that the exploit is active. But, users who stick to e-books sold and delivered by Amazon are safe.
Thankfully, the exploit only affects users who download pirated eBooks from dubious sources, so don't worry about adding an eBook to your Amazon shopping cart any time soon.
