Iread Pages

Main Menu

  • Home
  • Magazine
  • Ebook
  • Dictionary
  • Novel

Iread Pages

Header Banner

Iread Pages

  • Home
  • Magazine
  • Ebook
  • Dictionary
  • Novel
Ebook
Home›Ebook›#DEFCON: A bad eBook can take over your Kindle (or worse)

#DEFCON: A bad eBook can take over your Kindle (or worse)

By Katrina G. Dibiase
August 6, 2021
0
0


The Amazon Kindle e-reader is a popular device that has been on the market since 2007, with around 100 million Kindle in use around the world.

The primary purpose of Kindle is to enable users to read books. Slava Makkaveev, security researcher at Check Point Software Technologies, had another idea, however; he wanted to see if he could load a book that would exploit the Kindle. At the DEF CON 29 talk, Makkaveev described the process by which he was able to exploit a Kindle with a malicious eBook he was able to create.

“Personally, I use Kindle a lot, but I’ve never heard of a malicious eBook,” Makkaveev said. “This was the reason I researched how to create such a book that could be used to gain remote root access and take full control of a Kindle device.”

Makkaveev noted that users typically connect their Kindle devices to a Wi-Fi network. While Wi-Fi could potentially have been used as an entry point to attack the Kindle, in his view, the use of a book electronics to reach the device is much easier and will also allow mass attacks.

Kindle users can get books in a number of ways, including direct through Amazon, transferred via USB, or via email. There are also free online libraries open, where it is easy for anyone to upload and download eBooks.

“An attacker can easily download a malicious book for free access because no one expects malware to target the Kindle,” Makkaveev said. “Most libraries only care about the accuracy of the metadata in the downloaded book, so when you download an eBook from an online library, you can never be sure of its content.”

Inside the Kindle

Makkaveev explained that the Kindle operating system is essentially the Linux kernel

with a set of native programs, mainly provided by the open source BusyBox framework.

The way that many eBooks are read by the Kindle operating system is in the form of PDF file. There are a lot of different things that can be incorporated into a PDF file, so Makkaveev has focused his research on learning how the Kindle actually analyzes data to show it to users. During his research, he discovered a pair of vulnerabilities.

The first vulnerability is identified as CVE-2021-30354 and is an integer overflow in Kindle’s JBIG2 decoding algorithm for rendering words from a PDF file. The overflow could allow an attacker to potentially overwrite specific bits of memory on a Kindle device.

“Now we have a remote code execution vulnerability in the context of the PDF reading process,” Makkaveev said.

With the first vulnerability, it is possible to access special internal files on a Kindle, but an attacker would still be somewhat limited. What Makkaveev wanted was to be able to gain remote root access on a Kindle, without any restrictions. This is where the second vulnerability comes in, providing a local privilege escalation exploit identified as CVE-2021-30355.

In a brief demo, Makkaveev showed how the entire attack worked, where he was able to load a malicious eBook onto a Kindle and then take control of the device remotely. Once users click on the book, the malicious payload hidden in the book connects to a remote server, providing the reverse shell that locks the user’s screen with a window.

“As you can see, we get root permissions, so we can do whatever we want,” he said.

An attacker could potentially steal a victim’s Amazon account, delete books, convert the Kindle into a bot to attack other devices, or simply brick the device, rendering it useless.

Makkaveev concluded his presentation by noting that he reported the issues to Amazon in February 2021 and that they have now been resolved.


Related posts:

  1. Amazon First Reads: How to Score a New Free Kindle eBook Each Month
  2. Air and humidity management explored in the latest ebook
  3. Nubico e-book platform sold to Nextory
  4. WRB-AB Coating Streamlines Covered In Latest Ebook

Categories

  • Dictionary
  • Ebook
  • Magazine
  • Novel

Recent Posts

  • Interview with Peter C. Baker, author of Planes: A Novel
  • Back to School Magazine Deals from $5.50
  • HarperCollins audiobook and e-book sales increased 4%
  • Iman Hariri-Kia’s debut novel is at the center of fashion media’s digital awakening
  • Welcome to Modern Web App Security — Free eBook

Archives

  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • July 2020
  • June 2020
  • January 2020
  • February 2019
  • September 2017
  • Privacy Policy
  • Terms and Conditions