Search This Blog

Showing posts with label Threat actor. Show all posts

Kindle's E-book Vulnerability Could Have Been Exploited to Hijack a User's Device

 

Amazon patched a significant vulnerability in its Kindle e-book reader platform earlier this April, which could have been used to gain complete control of a user's device and steal sensitive data by simply deploying a malicious e-book. "By sending Kindle users a single malicious e-book, a threat actor could have stolen any information stored on the device, from Amazon account credentials to billing information," Yaniv Balmas, head of cyber research at Check Point, said in an emailed statement. "The security vulnerabilities allow an attacker to target a very specific audience."

In other words, if a threat actor wanted to target a certain group of individuals or demographic, the adversary could tailor and coordinate a highly targeted cyber-attack using a popular e-book in a language or dialect widely spoken among the group.

Threat actors might readily target speakers of a specific language, according to Balmas. To target Romanians, for example, they would only need to publish a bestselling book in that language as an e-book. Because the majority of people who download that book will almost certainly speak Romanian, a hacker may be confident that nearly all of the victims will be Romanian. 

“That degree of specificity in offensive attack capabilities is very sought after in the cybercrime and cyber-espionage world. In the wrong hands, those offensive capabilities could do some serious damage, which concerned us immensely,” Balmas said. 

Following a responsible disclosure of the problem to Amazon in February 2021, the retail and entertainment behemoth released a patch in April 2021 as part of its 5.13.5 edition of Kindle software. The flaw is exploited by sending a malicious e-book to an intended victim, who, upon opening the book, triggers the infection sequence without any interaction from the user, allowing the threat actor to delete the user's library, gain full access to the Amazon account, or turn the Kindle into a bot for striking other devices in the target's local network. 

The flaw is in the firmware's e-book parsing architecture, notably in the implementation of how PDF documents are opened, which allows a malicious payload to be executed on the device. 

"Kindle, like other IoT devices, are often thought of as innocuous and disregarded as security risks," Balmas said. "These IoT devices are vulnerable to the same attacks as computers. Everyone should be aware of the cyber risks in using anything connected to the computer, especially something as ubiquitous as Amazon's Kindle."

Threat Actor Targets New Zealand Reserve Bank to Acquire Sensitive Information

 

New Zealand’s Reserve Bank data systems were hacked by an anonymous hacker who potentially secured access to sensitive and personal information. The hacker managed to get his hands on a third-party file sharing service, the one used by Central Bank of New Zealand to share and reserve sensitive information. 

The Reserve Bank of New Zealand based in Wellington, commonly named as Te Putea Matua is accountable for generating monetary policy to stabilize prices in the nation. The Governor of Reserve Bank of New Zealand Adrian Orr assured the public that the data breach has been restrained and the bank’s core functions “remain sound and operational”. 

Threat actors have targeted a number of major organizations in New Zealand in the past year. New Zealand Stock Exchange was one of the prominent victims of the cyber attack and its servers were knocked out for nearly a week in August 2020. In a conversation with Radio New Zealand, Dave Parry the professor of computer science at Auckland University told that there might be a possibility of another government’s influence behind the Reserve Bank data leak. 

Adrian Orr stated that “we are working closely with domestic and international security experts and other relevant authorities as part of our investigation and response to this malicious attack. The nature and extent of information that has been potentially accessed is still being determined, but it may include some commercially and personally sensitive information. The system has been secured and taken offline until we have completed our initial investigations”.

Till further investigations, the Reserve Bank of New Zealand is currently considering alternative techniques to secure data and has taken its systems offline.