Security researchers warn that some sideloaded Kindle e-books may contain hidden malware

A new cybersecurity warning has raised concerns for Kindle users around the world. Security experts have found that some e-books can contain hidden malware that allows hackers to gain access to a user’s Amazon account. This discovery challenges the common belief that e-readers are safe devices used only for reading, showing that even an e-book file can be risky when it comes from an untrusted source.

The issue was revealed after Valentino Ricotta, an engineering analyst at Thales, demonstrated how a specially crafted e-book could exploit security weaknesses in Kindle devices. His findings showed that downloading and sideloading e-books from third-party websites could expose personal and financial information linked to a user’s Amazon account.

The warning is significant because millions of users regularly sideload books, assuming offline files are harmless. This case shows that such practices can carry serious security risks.

What the Kindle Malware Is and How It Spreads

The malware involved in this case is hidden inside an e-book file and appears completely normal to users. There are no warnings, alerts, or permission requests. Once the e-book is transferred to a Kindle, the hidden code can exploit security flaws in the device’s software.

This malware mainly spreads through sideloading. Sideloading means downloading e-books from outside the official Amazon Kindle Store and manually transferring them to a Kindle using a USB cable or similar methods. Many users rely on this method to access free books or large collections from third-party websites.

Valentino Ricotta explained that these malicious e-books can give attackers a foothold inside the Kindle. From there, the malware can access protected system functions and move beyond the book itself to reach the Amazon account linked to the device.

A key concern is that the Kindle does not need to be online when the infected e-book is added. The malware can remain hidden and activate later when the device connects to the internet, making the attack difficult to detect.

How Amazon Accounts and Personal Data Are Exposed

When a Kindle is linked to an Amazon account, it stores background data to keep the user signed in. This includes login sessions, account tokens, and other system information. If malware gains access to this data, it can take control of the account without requiring a password.

Valentino Ricotta said that once a Kindle is compromised, attackers may be able to access personal details tied to the Amazon account. This can include names, email addresses, purchase history, and saved payment information such as credit card details.

A major concern involves session cookies. These digital tokens confirm that a user is already logged in. If stolen, they allow attackers to access the account as the legitimate user, often without triggering security warnings.

In some cases, a compromised Kindle could also be used as a stepping stone to access other devices linked to the same Amazon account or move further into the user’s local network.

Why Third-Party E-Books Increase the Risk

Third-party e-book websites are widely used by Kindle owners looking for free or bulk book downloads. Many users download large numbers of files at once and transfer them to their Kindle without checking their source.

Unlike the official Kindle Store, these websites do not follow strict security checks. This makes it easier for attackers to upload malicious e-books that appear safe and legitimate.

Ricotta warned that users often trust e-book files too easily. Because books are seen as harmless, people rarely suspect they could contain malware. This false sense of security makes e-books an effective way to hide malicious code.

Even users who rarely connect their Kindle to the internet are still at risk. Malware can be transferred through USB and remain inactive until the device goes online later.
