Overview
- Thales researcher Valentino Ricotta showed in London that a maliciously crafted ebook or audiobook could fully compromise a Kindle and, from there, reach the Amazon account linked to the device.
- Ricotta’s chain started with a memory-corruption bug in the parsing of Audible files and escalated through a second vulnerability in the on-screen keyboard to gain full control of the device.
- With that control, the attack extracted the Amazon session cookies stored on the Kindle; those cookies grant access to the account without the password and could expose stored payment details.
- Amazon said it identified and fixed the issues, pushed automatic updates to affected devices, and has seen no evidence of exploitation outside the researchers’ tests.
- Researchers warn that sideloaded files from third-party sites, including files copied over USB, remain a recurring risk, echoing earlier Kindle parsing flaws such as 2020’s KindleDrip; keeping firmware current and loading content only from trusted sources remain the practical defences.