If you download Kindle ebooks from dubious sources aka anywhere other than Amazon, watch out. A security researcher has discovered a security hole in the “Manage Your Kindle” page on Amazon’s website outs That your Amazon credentials are hackers when you upload a malicious ebook.
Amazon’s Provides an extremely handy “Send to Kindle” plugin for Windows and Mac to help users send personal documents is Their Kindle devices, Including ebook files Obtained from sources other than Amazon itself. You can choose to archive These in your Kindle Library on the cloud is conveniently zap them to all your Kindles at any time.
According to The Digital Reader , a hacker can gain access to your Amazon account by simply getting you to download and ebook file, Which itself you hacked it include a script like & lt; script src = “https://www.example.org/script.js” & gt; & lt; / script & gt; in the title.
Once the book is added to your library, the code will be executed as soon as you open the library in a web page. It Allows the hacker is access your Amazon cookies and THUS take over your account.
The researcher, Benjamin Musser, says he first discovered That the flaw in October last year and reported it to Amazon, Which instantly fixed it. However, it seems to have crept back in after the company revamped the “Manage Your Kindle” page.
How do you avoid getting bit? Do not pirate ebooks, for one. And if you do, do not send them to your Kindle using Amazon’s Kindle Library. Just copy them to your device over USB. But seriously, do not pirate them in the first place. [The Digital Reader via Engadget]
No comments:
Post a Comment