Pirated ebooks could let hackers steal your Amazon account

See the original posting on The Verge

Downloading ebooks from untrustworthy websites might result in your Amazon account data being compromised, reports one German researcher. According to Benjamin Daniel Mussler, a security flaw allows malicious code to be injected into an ebook’s metadata, which will then trigger when the victim opens up their Kindle Library web page.

Mussler writes that he informed Amazon of this vulnerability in 2013, after creating a sample file showcasing the problem. Although Amazon reportedly fixed the issue after the initial report, the company supposedly re-introduced the security flaw in a later update. The Digital Reader confirmed the claims recently after putting the hack to the test. Fortunately for those who routinely buy their digital…

Continue reading…