Mussler says that Amazon's Kindle Library is vulnerable to malicious computer script hidden in Kindle books.
Malicious script sneaked into eBooks can change the way the Kindle library page displays, like so:
"From the supplier's point of view, vulnerabilities like this present an opportunity to gain access to active Amazon accounts," Mussler writes.
According to Mussler, Amazon was informed of the security flaw in November 2013, but the loophole has yet to be fixed. When the security researcher informed the open source eBook program Calibre about the same problem, it was fixed within hours.
The good news is that Kindle books purchased through the Amazon store are unlikely to contain the hack, according to Mussler. Instead it's more likely to spread using pirated eBooks that are sent to a user's Kindle library — so there's another reason not to download ebooks from dodgy websites.