The Kindle that got pwned
Smashing Security
Graham Cluley
4.7 • 579 Ratings
🗓️ 18 December 2025
⏱️ 37 minutes
Summary
Think your Kindle is harmless? Think again! In this episode, Graham and special guest Danny Palmer unpack a Black Hat Europe talk revealing how a boobytrapped audiobook could exploit the Amazon eBook reader - potentially letting an attacker break into your account and seize control of your credit card.
Plus a blast from 2021's "summer of ransomware" returns to haunt Ireland's Health Service Executive, as victims are offered €750 each.
And because it's the last show before the Christmas break, there's also a Pick of the Week that veers from cosy rom-com comfort to pointy-polygon nostalgia.
All this, and more, in episode 448 of the "Smashing Security" podcast with Graham Cluley, and special guest Danny Palmer.
🎅 🎄 Thanks to everyone for listening to "Smashing Security" during 2025 - we look forward to being back in your ear'oles in early January. Stay safe! 🎅 🎄
EPISODE LINKS:
- Password manager provider fined £1.2m by ICO for data breach affecting up to 1.6 million people in the UK - ICO.
- Trump Administration Turning to Private Firms in Cyber Offensive - Bloomberg.
- Russian ban on Roblox gaming platform sparks rare protest - Reuters.
- Once upon an exploit: how fake audiobook led to Kindle takeover - Cybernews.
- Four years later, Irish health service offers €750 to victims of ransomware attack - Bitdefender.
- When Harry Met Sally - Wikipedia.
- When Harry Met Sally trailer - YouTube.
- Tomb Raider 1-3 Remastered review - you were never going to smooth these games out - Eurogamer.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
SPONSORS:
- Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
- ThreatLocker - Start your free trial and book a demo of ThreatLocker today to see how you can implement Zero Trust in your environment.
SUPPORT THE SHOW:
Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!
FOLLOW THE SHOW:
Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.
THANKS:
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
ENJOYED THE SHOW?
Make sure to check out our sister podcast, "The AI Fix".
Privacy & Opt-Out: https://redcircle.com/privacy
Transcript
| 0:00.0 | He says, you can even buy books from the store with my credit card and a single... Oh, oh, I've mentioned credit cards. Oops. Smashing Security, Episode 448, The Kindle That Got Pwned, with Graham Cluley and special guest Danny Palmer. |
| 0:30.6 | Hello, hello, and welcome to Smashing Security episode 448. My name's Graham Cluley. |
| 0:35.5 | And I'm Danny Palmer. |
| 0:37.1 | Danny, welcome back to the show. Always a delight to have you on. You were last on, I think, a couple of months ago. What have you been up to since? |
| 0:44.8 | Yeah, great to be back. Thanks for having me, Graham. What have I been up to? Same as always, I suppose. |
| 0:49.5 | No, doing my writing and reporting on various cybersecurity issues for various publications, going to events, |
| 0:56.1 | that sort of thing. I went to Black Hat Europe last week, which was a lot of fun, lots of fun, |
| 1:01.0 | really interesting there, lots of talks going on, good catch up with lots of people. Yeah, |
| 1:06.6 | it was a good time. I hadn't been to Black Hat Europe for a couple of years. It was really good. |
| 1:10.6 | That's in London, isn't it? |
| 1:11.8 | The Excel Centre in London, yes. It's not as quite a glamorous venue as sort of the main, in inverted commas, Black Hat in the United States and Las Vegas. But if it's there for the talks, it's all the same things, really. |
| 1:23.9 | It's good. |
| 1:24.5 | And it's also at the sort of time of year as well where there's a lot of reflection on what's happened in the last year or so. |
| 1:31.0 | Lots of interesting keynotes. But yeah, |
| 1:32.8 | really, really good. Before we kick off, let's thank this week's wonderful sponsors, Vanta and |
| 1:37.4 | ThreatLocker. We'll be hearing more about them later on the podcast. |
| 1:43.4 | This week on Smashing Security. |
| 1:45.7 | We're not going to be talking about how password manager LastPass has been fined |
| 1:49.3 | £1.2 million by UK regulators for a data breach that impacted 1.6 million Brits. |
| 1:58.1 | You'll hear no discussion of how the Trump administration is reportedly preparing to turn to private businesses |
| 2:03.9 | to help mount offensive cyber attacks against foreign adversaries. |
| 2:10.0 | And we won't even mention... |
... |

