Hacker hijacks Amazon accounts via Kindle ebook
TL;DR
An ethical hacker demonstrated how a malicious Kindle ebook can exploit vulnerabilities to hijack linked Amazon accounts, warning users about the risks of downloading ebooks.
Source: The Times
A researcher who hijacked an Amazon account by hacking into a Kindle has warned people about the dangers of downloading ebooks. Valentino Ricotta, an engineering analyst for Thales, the defence and security group, created a “malicious” ebook that enabled him to exploit vulnerabilities in the Kindle. When the ebook was downloaded on to the device, he was able to get full access to the linked Amazon account. Ricotta, an ethical hacker based at Thalium, the Rennes, France-based research division of Thales, looks for vulnerabilities in common devices and presented his findings at the Black Hat Europe hacker conference in London, in a session called Don’t Judge an Audiobook by Its Cover. Full Story