Those who haven’t completed their holiday shopping yet or those who are currently thinking of buying an e-reader should be careful. According to reports, the $50 Nook of Barnes & Noble (NYSE:BKS) has a pre-installed data gathering program in it.

Malware in Nook Steals All Personal Information

The Fortune 500 business and the largest retail bookseller in the US came out with this edition of the Nook just in time for the holiday shopping season. But Barnes & Noble did not reveal one crucial fact – malware. There is the ADUPS program in this reader which has allowed a third-party to have complete access to all the data in this device and also have complete control privileges. This means the third-party can collect all personal information, and may even wipe the Nook clean.

This was revealed by Charles Fisher, an Android Security researcher and Database Administrator. He says the $50 Nook comes with the ADUPS program pre-installed. So it will start its work as soon as you connect the Nook to the internet and sign-in to your accounts.

ADUPS is the same program that was recently found in 120,000 Blu devices. After the discovery, the data control and collection abilities of ADUPS were quelled, but Fisher warns that this is just temporary. The program still retains its harmful capabilities.

Barnes & Noble to Issue Software Update Soon to Remove the Malware

Even Barnes & Noble have accepted this but blames the incident on an effort to do something new with the $50 Nook. Samsung, the existing partner, don’t make android devices that can be sold for $50, so the company outsourced production of the latest version of the Nook to Shenzhen Jingwah Information Technology of Shanghai. So what Barnes & Noble is essentially saying is, ADUPS was installed by Shenzhen Jingwah without their knowledge. Shenzhen has not come out with a denial yet.

The company has already released a software update to remove ADUPS from their e-readers. Barnes & Noble, however, concedes that this may not be enough, so they are presently working on another update to remove the malware completely from the Nook.

ADUPS denies all charges. “We are not collecting any personally identifiable information or location data, and don’t intend to do this”, the statement read.

Interestingly, the $50 Barnes & Noble Nook, which is on sale, currently has a rating of 4.5-star. That’s because most consumers don’t know that it comes pre-installed with a data-theft malware.