Attention Kindle Touch users: there is a browser exploit that allows attackers to gain root access to your device. In doing so, they can potentially gain access to your Amazon account. Obviously, many of us store our payment information directly in out Amazon account, and having a malicious person access that information is never a good thing.
When this exploit was tested by h-online they found that they could run a script and copy the user’s password hash. Then, they could take that and run it through a password cracker and get the text version of the password. From there, they would have full access to your Amazon account, where they could make unauthorized purchases.
Don’t allow yourself to be scared too much by this warning. It is just that – a warning. There are not many websites that would embed such a script that Kindle Touch owners would have any reason to use. None the less, it pays to be cautious as this exploit could cause some serious financial harm.
Amazon is well aware of this exploit and is already hard at work on a fix. There is no official ETA on the fix, so you should be careful which sites you visit on your Kindle Touch.
It is also worth noting that other Kindle devices are not at risk from these attacks. If you own a Fire or any other Kindle device, you do not have anything to worry about at this time.