A SECURITY flaw in Amazon Kindle e-reading devices could allow hackers to hijack users' Amazon accounts, according to security experts.
The flaw allows hackers to inject malicious bugs into e-books which, if downloaded, can give them access to an Amazon account's details. Kindle owners are being advised not to transfer ebooks obtained outside Amazon's own service on to their machines, as it is these titles that are particularly vulnerable to the security flaw.
The glitch was discovered by German security expert Benjamin Mussler, who said he warned Amazon about the flaw two months ago. "Amazon chose not to respond to my email detailing the issue and - two months later - the vulnerability remains unfixed," he said.
"Users most likely to fall victim to this vulnerability are those who obtain e-books from untrustworthy sources such as pirated e-books and then use Amazon's 'Send to Kindle' service to have them delivered to their Kindle," said Mr Mussler.
"The flaw applies to everyone who uses Amazon's Kindle Library to store e-books or to deliver them to a Kindle."
Amazon has yet to comment on the issue.
The Kindle security flaw comes as Android smartphone users were warned of a software design flaw in the phone's operating system that could allow hackers to hijack email and other actions.
The flaw applies to 75pc of all Android phones, including those made by Samsung, Sony and HTC.
"Any arbitrary website controlled by a spammer or a spy can peek into the contents of any other web page," warned Tod Beardsley, an expert working for the security testing organisation Metasploit. Android phone users are being advised to upgrade to the most recent version of the software as older versions are most at risk.