A researcher searched the Kindle’s software to find how to hack them. He succeeded, with the help of a malicious e-book he created.
All Your Electronics Can Be Attacked, Episode 28138. On August 6, Check Point researcher Slava Makkaveev published his work on Kindle, Amazon’s dedicated reading tablets. Result: he discovered a chain of two vulnerabilities that allow him to take control of these devices. The first allows you to enter the device remotely, while the second allows you to gain administrative rights on the device, so that the malware can use its full capabilities. To exploit these loopholes, the researcher created a malicious e-book hidden under a nice cover, which a victim could be tempted to download. Once the e-book is opened by the target, the attack is successful.
Amazon allows self-publishing on its download platform, and there are several methods to bypass its store and download from a third-party source (for example to retrieve an unofficial translation of a book). Combined with well-done phishing, it could be relatively easy to get an infected e-book to download to its target.
” Even if sometimes you’re not happy with writing a book, no one expects to download a really malicious one. No such scenario has been released. Antivirus do not have signatures [les traces de malware qui permettent de les reconnaître, ndlr] for e-books. But … we managed to create a malicious book », Develops Makkaveev.
Reported to Amazon in February 2021, the flaws were fixed in an April update, before they were exploited by thugs. If you have connected your Kindle to the Internet since then, your device will have received the patch automatically. And if you haven’t connected your Kindle to the Internet, you certainly won’t be exposed to this cyberattack scenario, since you won’t have downloaded an eBook.
A tablet to enter your network
“Hack a Kindle tablet, what for? », You are surely asking yourself. The first applications that come to mind are the least serious: thanks to the vulnerabilities, the attacker can delete the library of virtual books and add new ones. But no one would engage in such technical manipulation for a simple joke.
Where the cyberattack could get interesting was that it allowed the victim’s Amazon credentials to be copied, as well as their billing information. Better still, the tablet becomes a gateway to the victim’s local network. In other words, the hacker can turn the Kindle into an attack tool against the victim’s other devices, and in particular his computer and his smartphone.
Finally, this kind of research, even if it prevents a real risk, mainly aims to demonstrate that any device can be hacked. Tens of millions of Kindle are enthroned on the bedside tables of as many homes, and the cyberattack discovered by Makkaveev makes it possible to make them entry points into the local network of the victims. We are therefore talking about a cyber attack that could be launched remotely – without approaching the target – and could affect a very large number of devices. It also made it possible to target subsets of people according to the language and gender displayed by the fake e-book.
But the effort to get the infected e-book to download undetected makes it a type of attack unlikely to be adopted, at least on a large scale. For good reason: cybercriminals always take the simplest thing, so why would they launch a complex manipulation against a Kindle when the home computer, the real mine of information, is vulnerable to many other attacks? Why go in through the narrow window when the front door is not properly locked?