Skype Account Hjiack Vulnerability Via Skype Support Discovered

rated by 0 users
This post has 4 Replies | 0 Followers

Top 10 Contributor
Posts 25,792
Points 1,163,045
Joined: Sep 2007
ForumsAdministrator
News Posted: Mon, Apr 29 2013 5:01 PM
Skype is having security troubles again. According to great big red flag raised by a user on the Skype community forums, Skype accounts are extremely vulnerable--through Skype’s own support system. The user, Ximer, said on the forum that anyone can steal your Skype account with very little to go on; specifically, all one needs is 3-5 of your contacts on Skype; an email you’ve used on Skype at some point; and your first and last name.

He notes that his account wasn’t “hacked” per se; it was simply stolen, using basic information to dupe Skype support into verifying the account’s ownership. And it happened to him multiple times in one day. And the thief (or thieves) used his account to scam people out of hundreds of dollars.

Skype support
(click to enlarge)

A Skype forum admin finally responded, saying in part:

Skype CS is looking into your case. Our unlock policy does in fact require more that just the information you have quoted and we are checking where the failure happened during the required steps of verification.

I understand your frustration and we are constantly revising our process to ensure your account access is blocked to malicious users while at the same time valid password recoveries still make it through.

Whatever the admin says, if Ximer is correct about the lack of security, that means essentially all Skype users are vulnerable. He further complained in his post that Skype lacks the following security measures:
- Security Questions
- 2-factor Authentication
- Good Support that looks into these issues
- Support that can understand plain English and follow through with the request correctly instead of mistaking the my clear request for something different.
- 24/7 support
- A real security policy to actually verify ownership of accounts

Ouch. Microsoft did tell Network World that one measure that can help mitigate the security risk is to log in to Skype via your Microsoft account, which features two-step verification. Somehow that’s not making us feel a whole lot safer.
  • | Post Points: 65
Top 150 Contributor
Posts 541
Points 4,510
Joined: Apr 2012
Location: Schertz, Texas
ajm531 replied on Mon, Apr 29 2013 6:05 PM

*as im reading article another seperate window is opened up in windows 8 and skype is uninstalled* ok not really id have to delete my account to prevent this. i feel bad for who thru this but praise them unsung heroes who deal with and report it to make known to the public

  • | Post Points: 5
Not Ranked
Posts 1
Points 5
Joined: Apr 2013
eric273 replied on Mon, Apr 29 2013 8:30 PM

I am the person who had the chat screenshotted in the picture.

I recovered tibit's account for him after he got his hacked. Skype need to rectify this soon.

  • | Post Points: 5
Top 200 Contributor
Posts 358
Points 2,565
Joined: Sep 2011

Crud. Well that sucks. Skype needs to nip this in the bud. And quick.

  • | Post Points: 5
Top 200 Contributor
Posts 354
Points 3,075
Joined: Aug 2012
Location: Canada
Kidbest100 replied on Mon, Apr 29 2013 10:06 PM

Skype needs to get its ... Stuff...together, and in all reality, they need to get it together NOW...

This is a massive hole...And they know exactly how to plug it, but they don't really want to it seems.

Skype is awesome, and I love it... Bu I also hate it XD

PC Specs:

  • AMD Athlon 64 x2 6400+  Cooled by a Cooler Master Hyper 212 Plus (push-pull)
  • 2GB DDR2
  • MSI Radeon HD 6450 2GB
  • Stock Dell motherboard
  • 250Gb HDD
  • XFX Pro Core edition 650W PSU
  • Stock Dell inspiron case

 

  • | Post Points: 5
Page 1 of 1 (5 items) | RSS