Hacking Amazon Kindle: Creating a malicious audiobook and taking a $20,000 bounty. π§πππΌβΆοΈπ₯
Security researcher Valentino Ricotta shares his super insightful research on the internals of Amazon Kindle: how it works, how books and audiobooks are processed, and what vulnerabilities it has.
By finding and reporting a few bugs in the software, the author was able to create a malicious Audible audiobook to attack the device and its Amazon account. Reporting this kill chain to Amazonβs bug bounty program led to a $20,000 bounty and this talk!
So next time, make sure you buy Audible books and update your Kindle regularly! And please share :)
More details:
Donβt Judge An Audiobook By Its Cover: Taking Over Your Amazon Account With A Kindle [PDF]: http://i.blackhat.com/BH-EU-25/eu-25-Ricotta-Dont-Judge-An-Audiobook.pdf
