x PhoneArena is looking for new authors! To view all available positions, click here.
  • Home
  • News
  • Skype vulnerability puts your iPhone at risk

Skype vulnerability puts your iPhone at risk

Posted: , by Nick T.

Tags:

Skype vulnerability puts your iPhone at risk
Those of you who use Skype on their iPhone might want to read carefully as a security flaw in the application has just recently been exposed. In a nutshell, an attacker is able to execute malicious code on the targeted device by simply sending a chat message to the victim, and the worst thing about it is that after the attack, the victim would be most likely unaware that anything has ever happened.

What allows for the hack to be performed is the way Skype treats and stores chat messages. Apparently, if a sender sets their Skype name to a piece of code, that code will be executed on the recipient's iPhone. Sure, the iOS platform would not allow for the file system itself to be accessed without the needed permissions, but the target's address book can be accessed freely and is therefore completely exposed.

Below is a video of the hack in action demonstrating how easy it is for an attacker to steal your address book with the right tools. That being said, it would probably be a good idea to be extra careful while receiving chat messages via Skype. A solution to the vulnerability has yet to be released.

source: Superevr via SlashGear


7 Comments
  • Options
    Close




posted on 20 Sep 2011, 07:23 1

1. android_hitman (Posts: 625; Member since: 07 Jul 2010)


do you like XSS?

posted on 20 Sep 2011, 07:29 5

2. Mooooo (Posts: 212; Member since: 27 Aug 2011)


But wait i thought it was infallible beautiful unique and special

posted on 20 Sep 2011, 07:40

3. protozeloz (Posts: 5378; Member since: 16 Sep 2010)


Not again -_- skype better fix this fast

posted on 20 Sep 2011, 14:40

4. shafboy (Posts: 179; Member since: 26 Sep 2010)


You mean Microsoft?

posted on 20 Sep 2011, 18:26

7. protozeloz (Posts: 5378; Member since: 16 Sep 2010)


Even tho ms owns skype, skype still operates aside from them, so I guess they can be called skype

posted on 20 Sep 2011, 15:04

5. taz89 (Posts: 2014; Member since: 03 May 2011)


i know technically this isnt apples fault but i thought that nothing can happen to the iphone...doesnt apple check apps thoroughly before they allow it be on the app store...hope no one is affected by this though

posted on 20 Sep 2011, 16:45

6. Paden (Posts: 262; Member since: 07 Jul 2011)


"Sure, the iOS platform would not allow for the file system itself to be accessed without the needed permissions, but the target's address book can be accessed freely and is therefore completely exposed."

Address book? I'm scared. Don't call my friends!!

Want to comment? Please login or register.

Latest stories