Kindle drip

Kindle drip: an exploit chain targeting vulnerabilities in the Amazon Kindle e-reader.

Researchers found that a chain of bugs allowed a complete takeover of the e-reader.

They also explained how an attacker could chain the vulnerabilities to gain Remote Code Execution (RCE) on the Amazon Kindle e-reader.

Amazon Kindle is a series of e-readers designed and marketed by Amazon. It lets users browse, buy, download and read e-books, newspapers, magazines and other digital media through the Kindle Store.

The Kindle hardware platform was developed by Lab126 in 2007. Around 6 million e-books are available for the Kindle in the United States.

Researcher Yogev Bar-On has published a blog post describing the new vulnerabilities and their patch, including how a user's Amazon account could be accessed using only their email address.

Amazon released the fix for these bugs in firmware version 5.13.4.

Kindle drip effect

The Kindle drip attack chains three major vulnerabilities found in the e-reader.

The first bug allowed an attacker to spoof email addresses and pass the sender authentication check, so that a malicious e-book file could be delivered to the user's device.

Amazon's 'Send to Kindle' feature lets users send content directly to their device from a list of pre-approved sender addresses, to the Kindle email address that Amazon generates automatically.

Using this bug, an attacker could spoof an approved Kindle email address and dispatch an e-book to the victim's device, bypassing the authentication checks.

There was no indication or alert that the e-book had arrived via email, and the e-book appeared on the Kindle home page with a cover image of the attacker's choice. This makes phishing attacks much easier.
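To show the design flaw behind the spoofed-sender bug from a defender's side, here is an added Python example (not code from Bar-On's research or from Amazon) modelling a simplified Send-to-Kindle-style gateway. The weak check trusts the From header alone, which is exactly what a spoofed message forges; the hardened check also requires that the receiving mail server (assumed here to be mx.example.net) stamped an Authentication-Results header recording a DMARC pass. All addresses, header values and messages are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed approved-sender list, standing in for a device's Send-to-Kindle allow-list.
APPROVED_SENDERS = {"owner@example.com"}

# Authserv-id of the mail server we trust to stamp Authentication-Results (assumption).
TRUSTED_AUTHSERV_ID = "mx.example.net"


def sender_address(msg) -> str:
    """Return the bare, lower-cased address from the From header."""
    _, addr = parseaddr(msg.get("From", ""))
    return addr.lower()


def weak_is_approved(raw_message: str) -> bool:
    """Flawed check: approves delivery on the From header alone, which anyone can forge."""
    msg = message_from_string(raw_message)
    return sender_address(msg) in APPROVED_SENDERS


def authentication_results(msg) -> dict:
    """Parse spf/dkim/dmarc results from the Authentication-Results header.

    Returns {} unless the header was stamped by our own trusted receiving server;
    the MTA must also strip any incoming copies that claim that authserv-id (RFC 8601).
    """
    header = msg.get("Authentication-Results", "")
    authserv_id = header.split(";", 1)[0].strip()
    if authserv_id != TRUSTED_AUTHSERV_ID:
        return {}
    return {m.group(1): m.group(2).lower()
            for m in re.finditer(r"\b(spf|dkim|dmarc)=([A-Za-z]+)", header)}


def hardened_is_approved(raw_message: str) -> bool:
    """Approve only if the sender is on the list AND the message passed DMARC at our MTA."""
    msg = message_from_string(raw_message)
    if sender_address(msg) not in APPROVED_SENDERS:
        return False
    return authentication_results(msg).get("dmarc") == "pass"


# Constructed sample messages (all addresses and hosts are placeholders).
GENUINE = """\
From: owner@example.com
To: device-12345@kindle.example
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=example.com; dkim=pass header.d=example.com; dmarc=pass header.from=example.com
Subject: convert

Attached: holiday-reading.pdf
"""

SPOOFED = """\
From: owner@example.com
To: device-12345@kindle.example
Authentication-Results: mx.example.net; spf=fail smtp.mailfrom=mailer.invalid; dkim=none; dmarc=fail header.from=example.com
Subject: convert

Attached: unsolicited.mobi
"""

UNKNOWN = """\
From: stranger@example.org
To: device-12345@kindle.example
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=example.org; dkim=pass header.d=example.org; dmarc=pass header.from=example.org
Subject: convert

Attached: newsletter.pdf
"""


if __name__ == "__main__":
    for name, raw in (("genuine", GENUINE), ("spoofed", SPOOFED), ("unknown", UNKNOWN)):
        print(f"{name:8s} weak={weak_is_approved(raw)!s:5s} hardened={hardened_is_approved(raw)}")
```

Running the block shows the spoofed message accepted by the weak check and rejected by the hardened one. The point for a gateway of this kind is that an allow-list keyed on a forgeable header is not an authentication check at all; the decision has to rest on a result the receiving server itself produced, and the user should still be told when a document arrives by email.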

The next vulnerability was in the Kindle's handling of the JPEG XR image format, which can be opened through the device's web browser.

If the user clicks a link in the e-book, such as one in the table of contents, the browser opens a page containing a malicious JPEG XR image.

When the image was parsed, it ran arbitrary code in the context of a low-privileged user.

The final vulnerability, a privilege escalation bug, was then exploited so that the payload runs as root.

Chained together, the bugs let an attacker achieve RCE and send the user's private credentials back to themselves.

Amazon rewarded Bar-On with an $18,000 bug bounty for reporting the vulnerability; the bug was patched within the 90-day timeframe.

Amazon has asked users to update to the latest firmware version to protect against these vulnerabilities.

According to Bar-On, discovering the vulnerabilities and building the exploit is not easy, but once that is done, carrying out the attack is very simple.

Bug

A bug is an error, flaw or fault in a computer program or hardware system. A bug can produce unexpected results or cause the system to behave unexpectedly. In brief, it is any behaviour or result a program produces that it was not designed to produce.

Put simply, a bug is a problem or mistake in a computer program.

The majority of computer bugs are caused by human error: mistakes in the source code or in the program's design, or incorrect use of code by software developers.

According to technology experts, even today there is no program without a bug.

Root cause of software bugs

  • Miscommunication or no communication
  • Software complexity
  • Programming errors
  • Changing requirements
  • Time pressures
  • Egotistical or overconfident people
  • Poorly documented code
  • Software development tools
  • Obsolete automation scripts
  • Lack of skilled testers

How to prevent bugs?

  • Test-Driven Development (TDD)

TDD works by writing failing tests for the product before developing it. As the product approaches completion, the test cases begin to pass, validating the product's expected behaviour.

  • Continuous Integration and Continuous Testing (CICT)

CICT ensures that every code change is merged into the central code base and tested automatically with the provided test cases.

  • Behaviour Driven Development (BDD)

BDD uses a Domain Specific Language (DSL) to communicate between and within teams. Using a DSL helps reduce miscommunication between stakeholders.

  • Code review and management
  • Clear communication
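As an added illustration of the test-first workflow (not code from the original page), the following Python writes the test cases first for a small "is the installed firmware at or above the fixed version?" check, using the 5.13.4 fix version mentioned earlier. A naive string comparison is included to show the kind of defect the tests catch before it ships: "5.13.10" sorts before "5.13.4" as text. The function names and every version other than 5.13.4 are constructed.

```python
from typing import Callable, List, Tuple

FIXED_VERSION = "5.13.4"   # firmware version that carries the fix (from the article)

# Step 1 (TDD): the tests are written first, as (installed, fixed, expected) cases,
# before any implementation exists. Versions other than 5.13.4 are constructed.
TEST_CASES: List[Tuple[str, str, bool]] = [
    ("5.13.4", FIXED_VERSION, True),    # exactly the fixed version
    ("5.13.3", FIXED_VERSION, False),   # one patch level too old
    ("5.13.10", FIXED_VERSION, True),   # numerically newer, but sorts lower as text
    ("5.12.9", FIXED_VERSION, False),   # older minor version
    ("5.14", FIXED_VERSION, True),      # fewer components, still newer
    ("5.13", FIXED_VERSION, False),     # fewer components, treated as 5.13.0
]


def run_cases(impl: Callable[[str, str], bool]) -> List[Tuple[str, str, bool]]:
    """Run every case against impl; return the cases it gets wrong (empty list = green)."""
    return [case for case in TEST_CASES if impl(case[0], case[1]) != case[2]]


# Step 2: a first, naive attempt. Plain string comparison looks right at a glance,
# but compares "1" against "4" in the third component and fails the 5.13.10 case.
def naive_is_patched(installed: str, fixed: str) -> bool:
    return installed >= fixed


# Step 3: the red test forces a correct implementation that compares integers.
def parse_version(version: str) -> Tuple[int, ...]:
    """'5.13.4' -> (5, 13, 4); raises ValueError on non-numeric components."""
    return tuple(int(part) for part in version.strip().split("."))


def is_patched(installed: str, fixed: str) -> bool:
    """True when installed >= fixed, comparing component-wise as integers."""
    a, b = parse_version(installed), parse_version(fixed)
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))   # pad so 5.13 compares as 5.13.0
    b += (0,) * (width - len(b))
    return a >= b


if __name__ == "__main__":
    for impl in (naive_is_patched, is_patched):
        failures = run_cases(impl)
        status = "PASS" if not failures else f"FAIL {failures}"
        print(f"{impl.__name__:18s} {status}")
```

Run as a script, the naive implementation reports the single failing case and the integer-based one passes all six; in a CICT pipeline the same cases would run automatically on every merge, so the regression cannot reach a release build.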
