- Oct 23, 2012
- 12,527
Skype, a tool that roughly 250 million users rely on for cheap, seamless international audio and video calling, has suffered a security breach that could allow anyone to change a user's password and take over their account.
According to reports, the simple hack can be executed as long as the intruder knows the user's account name and associated email address.
In response, Skype has temporarily disabled the password reset feature in Skype to protect users. "We have had reports of a new security vulnerability issue. As a precautionary step we have temporarily disabled password reset as we continue to investigate the issue further. We apologize for the inconvenience but user experience and safety is our first priority," Leonas Sendrauskas, Skype's Web Quality Assurance Engineer, said in a statement.
Originally discovered on a Russian hacker website, the exploit was tested and confirmed by TheNextWeb over the last 24 hours.
Testing the security hack was relatively simple and revealed the ability to lock out a user from their account in just five steps. The results of the test suggest that if you happen to have a well known, or publicly available email address, and use Skype regularly, now might be a good time to change the email address associated with your Skype account.
This latest security issue is the latest in a series of fairly run-of-the-mill hiccups with the service since Microsoft acquired the business for $8.5 billion last year. Regular users of the service may have noticed Microsoft recently made major modifications to the Skype interface to mirror the square panel appearance found in Windows 8. The service also now prompts you to link your Microsoft and Skype accounts so that you'll automatically be logged into both upon signing into the service.
Source
According to reports, the simple hack can be executed as long as the intruder knows the user's account name and associated email address.
In response, Skype has temporarily disabled the password reset feature in Skype to protect users. "We have had reports of a new security vulnerability issue. As a precautionary step we have temporarily disabled password reset as we continue to investigate the issue further. We apologize for the inconvenience but user experience and safety is our first priority," Leonas Sendrauskas, Skype's Web Quality Assurance Engineer, said in a statement.
Originally discovered on a Russian hacker website, the exploit was tested and confirmed by TheNextWeb over the last 24 hours.
Testing the security hack was relatively simple and revealed the ability to lock out a user from their account in just five steps. The results of the test suggest that if you happen to have a well known, or publicly available email address, and use Skype regularly, now might be a good time to change the email address associated with your Skype account.
This latest security issue is the latest in a series of fairly run-of-the-mill hiccups with the service since Microsoft acquired the business for $8.5 billion last year. Regular users of the service may have noticed Microsoft recently made major modifications to the Skype interface to mirror the square panel appearance found in Windows 8. The service also now prompts you to link your Microsoft and Skype accounts so that you'll automatically be logged into both upon signing into the service.
Source
