Posts Tagged ‘Skype’


Vulnerabilities in Skype

The developers did not disclose details of underlying vulnerability.

Skype development team has announced the release of a new version of the client. The program has a number of improvements in accessibility, stability and ease of user interface.

The notification developer P2P service also refers to address multiple vulnerabilities. The company provides a list of three names of researchers and the names of organizations that reported having at least one vulnerability in Skype 6.3. Thus, the client has been removed, at least three vulnerabilities, but the details of them do not apply. (more…)


Trojan via Skype

The updated version of bank malicious software Shylock appeared in open access.

According to security experts from the Danish company CSIS Security Group, last week publicly available update has started to extend banking trojan Shylock. One of the new features is the ability of the virus spread through Skype.

This addition allows a trojan to dispatch messages and harmful files by means of the client of the popular VoIP-service established on infected system. At this Shylock it is capable to bypass precautionary messages of Skype, and also to erase traces of the activity from its history.

Earlier in the Trojans already been implemented functional spread itself through instant messaging services such as MSN Messenger and Yahoo Messenger. Virus sends malicious links casual contacts in these applications. (more…)

Scam calls via Skype are declining

Posted: November 27, 2012 in IT Security News
Tags: ,

Scam calls via Skype

Microsoft says that the Internet phone service Skype is struggling with the use of Internet-based applications are sent by users of the service database links to fraudulent websites, as well as with users of Skype, using this system to the needs of direct marketing. Over the past six months, the number of such programs and the accounts of spammers significantly decreased.

Adrian Asher, chief security Skype, said that earlier in the internet telephony can often be seen when a user receives an incoming call, and on the other end of the automated system will start playing recorded advertising message. Often in such a way to advertise counterfeit goods, fraudulent websites and various illegal activities. The complexity of the struggle against such phenomena was that the fraudulent numbers and websites have a short period of life that is rarely more than a week, and often limited to a few days.

Asher says that fraudsters abusing function Skype, which allows calls to unknown recipients, without the prior approval of the latter. In Skype previously tried to introduce new security settings that would initially block calls from unknown users when the settings are not otherwise indicated, but in the process of voting by users were against this innovation. (more…)


Skype has closed the critical vulnerability

Internet phone system Skype just hours has reported to eliminate a serious bug, the use of which are possible reset the user password and data theft legitimate user.

Skype today disclosed vulnerability allows a potential attacker to create Skype-account with the same address email, and that the victim and then from the same session, to request a password reset, leading, therefore, account of this person.

After this vulnerability became known, initially just block Skype password reset page, but later, the company sold a permanent fix for the vulnerability.

Also in Skype reported that, in practice, this vulnerability has used a number of algorithmic weaknesses opportunities for users with multiple Skype-accounts and working with them through the specified single inbox. The company did not report how many people could suffer from exploitation, but the claim that a bug “was affected by a small number of users.” (more…)


Critical vulnerability in Skype

Critical security vulnerability found in Skype (the service voice and video). The vulnerability allows to hack any account of Skype.

To crack only need to know the email address of the victim. Hacking scheme is as follows:

  • You need to register a new Skype Name to e-mail the victim (technically possible);
  • After that, you must log in to your new account, delete all cookie files and request password recovery;
  • After that, the window will be notified of Skype “password token”, which referred to;
  • This link, the user can select which kind login Skype, registered at the address of e-mail, he wants to change the password;
  • Among these logins will be like the one that the user has just registered on another e-mail, and username of the owner of this e-mail;
  • So, with no access to other people’s box and without the knowledge of the old password, you can change someone else’s password. (more…)

McAfee logoThe virus is able to deactivate the update modules of different software.

Experts from McAfee found malware that could simplify the way viruses attack, disable any anti-virus software on the system, as well as deactivating the update modules for different software.

According to the researchers, the worm spreads through the social network Facebook, as well as through a number of IM-clients, including ICQ, Skype, GTalk, Pidgin, MSN and YIM.

Attackers send messages to potential victims of alleged links to funny or interesting video. If the user will be held on the proposed web-site on his computer to automatically download and run malicious code. (more…)