Thanks to this hole, a hacker can gain access to the Amazon account simply by getting his victims to download an ebook which was itself hacked to include a script in the title:
Once an attacker manages to have an e-book (file, document, ...) with a title like
added to the victim's library, the code will be executed as soon as the victim opens the Kindle Library web page. As a result, Amazon account cookies can be accessed by and transferred to the attacker and the victim's Amazon account can be compromised.
I've tried it, and it does work. I saw something similar to the image which the hacker posted to his blog.
As a result I would urge caution against buying or downloading ebooks from untrustworthy sources - for the near future, at least. I expect Amazon will fix this problem shortly - that's what they did when it was first discovered last fall.
No, this is not a new story, though it is just coming to light. The German ebook blog AlleseBook.de broke the story earlier today when they reported on the hacker who discovered this issue - and more importantly, provided an ebook which could prove the hack worked.
Benjamin Daniel Mussler writes that he discovered this security issue last October. He notified Amazon in November, and they fixed it 4 days later. That is great, but then Amazon reintroduced the security hole earlier this year when they launched the new version of the "Manage Your Kindle" page.
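A common fix for this class of bug is to HTML-encode the title wherever it is written into the page, and a regression check keeps a redesigned page from losing that encoding. The following is an added example, not code from Amazon or from Mussler's report; the function names, the `<li>` row markup and the sample titles are constructed for illustration.

```javascript
// Added example: hypothetical names, constructed sample titles.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode untrusted text for an HTML text node or a double-quoted attribute value.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// "Before": the title from the file's metadata is concatenated into markup.
function renderRowUnsafe(book) {
  return '<li title="' + book.title + '">' + book.title + '</li>';
}

// "After": the title is encoded at the point of output.
function renderRowSafe(book) {
  const t = escapeHtml(book.title);
  return '<li title="' + t + '">' + t + '</li>';
}

// True when a rendered row contains anything beyond the one expected
// <li title="..."> ... </li> pair, i.e. the title contributed tags or attributes.
function introducesMarkup(html) {
  const tags = html.match(/<\/?[a-zA-Z][^>]*>/g) || [];
  return tags.length !== 2 ||
    !/^<li title="[^"]*">$/.test(tags[0]) ||
    tags[1] !== '</li>';
}

// Regression check: list the titles that a given renderer lets through as markup.
function auditLibrary(books, render) {
  return books.filter((b) => introducesMarkup(render(b))).map((b) => b.title);
}

// Constructed library entries; the payloads are harmless markers.
const SAMPLE_LIBRARY = [
  { title: 'Moby-Dick; or, The Whale' },
  { title: '<script>console.log("title ran as code")</script>' },
  { title: '" onmouseover="console.log(1)' },
];

console.log('unsafe renderer flags:', auditLibrary(SAMPLE_LIBRARY, renderRowUnsafe));
console.log('safe renderer flags:  ', auditLibrary(SAMPLE_LIBRARY, renderRowSafe));
```

Marking session cookies `HttpOnly` limits what an injected script can read, but it does not replace encoding the title on output.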
As of the time I wrote this post, Mussler's hack still worked. There's even an ebook which you can use to test the hack yourself, if you like. I would recommend against it, but it is up to you.
On a related note, if you're worried about being hacked, there is a simple rule you can follow to keep yourself safe.
image by Pitel