Amazon Kindle Library Flaw Exposes User Cookies: Report

Advertisement
By Robin Sinha | Updated: 16 September 2014 18:47 IST

Amazon's 'Manage Your Kindle' page has been reportedly spotted with a flaw that could give hackers access to the user's cookies.

According to a user named Benjamin Daniel Musserl who discovered the bug, if users load a corrupted e-book featuring malicious scripts in their Kindle library, by either downloading and importing, or tapping 'Send to Kindle' from a untrustworthy website, hackers can get access to the user account's cookies.

Advertisement

Notably, corrupted e-books that are said to give access to a user's Amazon account cookies include scripts in their title, such as .

"Once an attacker manages to have an e-book (file, document, ...) with a title like added to the victim's library, the code will be executed as soon as the victim opens the Kindle Library web page. As a result, Amazon account cookies can be accessed by and transferred to the attacker and the victim's Amazon account can be compromised," stated Musserl on a blog post.

Advertisement

In addition, Musserl said that he discovered the bug back in October last year, but Amazon patched it soon after. However, the bug started showing again after Amazon introduced an overhauled 'Manage Your Kindle' section.

Users can however avoid the bug by simply not importing e-books from any other website except Amazon, or other trustworthy sources. The company is yet to make an official comment on the issue.

Advertisement

In July, Amazon announced the launch of a Kindle Unlimited ebooks and audiobooks subscription service. For $9.99 (roughly Rs. 610) a month, customers can read from over 600,000 Kindle books, and listen to thousands of Audible audiobooks, 'keeping' individual titles for as long as they want.

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. Airtel Unlimited 5G Data Subscribers Reportedly Cannot Share 5G Data via Mobile Hotspot
  2. OnePlus Exits US, Europe, Continues Operations in India: 5 Things to Know
  3. Airtel Revises Postpaid Portfolio, Removes Rs. 549 Individual Plan
  4. Oppo K15 Launch Date Confirmed; Key Specifications Revealed Ahead of Debut
  5. Insomniac Games Shares New Trailer for Marvel's Wolverine
  6. Here's How Much the iQOO Z11 Lite Could Cost in India
  7. Here's When the Poco M8 Power, Poco X8 Could Launch in India
  8. iPhone 18 Pro Max Could Get a New Sony Sensor With Variable Aperture Tech
  1. Redmi Note 17 Pro Global Variant Reportedly Appears on NBD Database Alongside Poco Model
  2. Google Pixel 11a Codename Reportedly Spotted in Phone App
  3. Huawei Mate XT 2 Leaked Patent Reveals New Tri-Fold Design and Folding Mechanism
  4. Airtel Unlimited 5G Data Subscribers Reportedly Cannot Share 5G Data via Mobile Hotspot: Here's What We Know So Far
  5. Lenovo Legion C700 Teased as a Cloud Gaming Handheld Ahead of August Launch
  6. Marvel's Wolverine Gets New Trailer That Will Play Ahead of Christopher Nolan's The Odyssey in Select Theatres
  7. Airtel Quietly Removes Rs. 549 Individual Postpaid Plan in India; Rs. 699 Plan Becomes Next Upgrade
  8. Poco M8 Power, Poco X8 India Launch Timeline Tipped; Could Arrive as Rebranded Redmi Note 17 Series
  9. Samsung Galaxy S25 Series Could Get Galaxy S26’s Horizontal Lock Camera Feature With One UI 9 Update
  10. Asus Pad India Launch Date Announced as Company Reveals Key Specifications
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.