msnbc logo

Facebook, iPhone, Twitter and Wii. Technology evolves at the speed of light. Msnbc.com's tech reporters look at the gadgets, games and innovations changing our world.

Sort or search by topic:

Advertise | AdChoices

244 days

Rosa Golijan

Use Skype on the iPhone? Your info could be stolen

Advertise | AdChoices

Skype

Are you using the Skype for iOS app on your iPhone or iPod Touch? Then you need to be aware of how easily your information — particularly your entire address book — could be stolen without your knowledge. All it takes is a single chat message.

According to TechCrunch, the issue was first discovered by AppSec Consulting security researcher Phil Purviance — who claims that he pointed out the vulnerability to Skype about a month ago. You can see a rather technical demonstration of how information is stolen in the video below, but here's the simplified version:

  • An evildoer places malicious code into the "Full Name" field in his or her Skype profile
  • That individual sends a chat message to his or her victim — someone who is using Skype on his or her iPhone or iPod Touch
  • As soon as the victim views the message, the malicious code begins to run on his or her mobile device
  • Information — such as the victim's address book — is uploaded to the evildoer's computer
  • The evildoer is able to sift through the stolen information at his or her leisure

The reason this series of events can occur is because the "Full Name" field isn't checked for malicious code.

Scary, right? But there are a few things you should know before you panic.

For starters, thanks to the way Apple has designed iOS — its mobile operating system — only certain files, including your address book, are vulnerable.

But most importantly, you should know that Skype is working on a fix for the security issue:

We are working hard to fix this reported issue in our next planned release which we hope to roll out imminently.  In the meantime we always recommend people exercise caution in only accepting friend requests from people they know and practice common sense internet security as always.

 

Related stories:

Want more tech news, silly puns, or amusing links? You'll get plenty of all three if you keep up with Rosa Golijan, the writer of this post, by following her on Twitter, subscribing to her Facebook posts, or circling her on Google+.

Discussion

Close post

Show more