toggle

AAPL Stock: 113.29 ( + 0.37 )

Printed from http://www.macnn.com

Skype for Android exploit allows grabbing of personal info

updated 06:20 am EDT, Fri April 15, 2011

Skype for Android contains serious vulnerability

Users of Skype for Android have been left vulnerable to a code exploit that allows a hacker to access a user's personal information. The proof of concept exploit uncovered by Android Police would allow a hacker to deploy a rogue app in the Android Market that, once downloaded, would allow access to a Skype user's full name, date of birth, city/state/country, home phone, office phone, cell phone, email addresses, bio and other details. The vulnerability appears to be the result of left over files that contain improper permissions, which allows anyone or any app to read them.

According to Android Police blogger Justin Case, Skype is currently investigating the issue after he brought it to their attention. In his view, Skype can address the issue by using proper file permissions, implement an encryption scheme, and put their apps through a more robust security review prior to release.

Users of Skype for Android can download the proof of concept app to test their Skype application to see what data the vulnerability yields.





by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

Follow us on Facebook

toggle

Most Popular

Advertisement

Recent Reviews

ZTE Spro 2 Smart Projector

Home theaters are becoming more and more accessible these days, but maybe you've been a bit wary about buying a home projector. And h ...

MSI Geforce GTX 970 100ME

When Nvidia announced a new line of video cards in September 2014, many people thought things would continue to be business as usual i ...

Wren V5US Wireless Sound System

If you're a music fanatic, chances are you are, by extension, a bit fanatical about what you listen to your music on. If you're like ...

toggle

Most Commented