DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
July 21, 2019 
Main Menu
News archives

Who's Online
There are currently 183 people online.


Latest Reviews
Ewin Racing Flash gaming chair
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset

Follow us

Skype accounts hijacked with just an e-mail address

Posted on Wednesday, November 14 2012 @ 13:02:26 CET by

Skype logo
Last week news hit the wire that Windows Live Messenger will be replaced by Skype but now reports hit the wire about a critical security flaw in Skype's user system that enabled hackers to access any Skype account and take full control using just an e-mail address. Microsoft is looking into the matter and has temporarily disabled Skype's password reset function to mitigate the security hole.

What made this a very dangerous security flaw is that Skype stores full conversation histories in the cloud, meaning someone that hijacks your account can look through your personal conversations.

Details on how the attack worked can be read at The Next Web, the issue was first posted on a Russian forum in September.
We reproduced the attack, step-by-step, and managed to access the Skype accounts of TNW writer (with permission) Josh Ong (as well as editor Matt Brian to verify again) with only their email addresses. Essentially, that email address is used to create a new account with your own email address tied to it. Then, minus a couple of key steps, you can use a password reset token to gain access to your target’s account.



DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2019 DM Media Group bvba