Skype vulnerability puts your iPhone at risk

Skype vulnerability puts your iPhone at risk
Those of you who use Skype on their iPhone might want to read carefully as a security flaw in the application has just recently been exposed. In a nutshell, an attacker is able to execute malicious code on the targeted device by simply sending a chat message to the victim, and the worst thing about it is that after the attack, the victim would be most likely unaware that anything has ever happened.

What allows for the hack to be performed is the way Skype treats and stores chat messages. Apparently, if a sender sets their Skype name to a piece of code, that code will be executed on the recipient's iPhone. Sure, the iOS platform would not allow for the file system itself to be accessed without the needed permissions, but the target's address book can be accessed freely and is therefore completely exposed.

Below is a video of the hack in action demonstrating how easy it is for an attacker to steal your address book with the right tools. That being said, it would probably be a good idea to be extra careful while receiving chat messages via Skype. A solution to the vulnerability has yet to be released.

source: Superevr via SlashGear


Related phones

iPhone 4
  • Display 3.5" 640 x 960 pixels
  • Camera 5 MP / 0.3 MP VGA front
  • Processor Apple A4, Single core, 1000 MHz
  • Storage 32 GB
  • Battery 1420 mAh(7.00h 3G talk time)

FEATURED VIDEO

7 Comments

1. android_hitman unregistered

do you like XSS?

2. Mooooo

Posts: 212; Member since: Aug 27, 2011

But wait i thought it was infallible beautiful unique and special

3. protozeloz

Posts: 5396; Member since: Sep 16, 2010

Not again -_- skype better fix this fast

4. shafboy

Posts: 179; Member since: Sep 26, 2010

You mean Microsoft?

7. protozeloz

Posts: 5396; Member since: Sep 16, 2010

Even tho ms owns skype, skype still operates aside from them, so I guess they can be called skype

5. taz89

Posts: 2014; Member since: May 03, 2011

i know technically this isnt apples fault but i thought that nothing can happen to the iphone...doesnt apple check apps thoroughly before they allow it be on the app store...hope no one is affected by this though

6. Paden

Posts: 262; Member since: Jul 07, 2011

"Sure, the iOS platform would not allow for the file system itself to be accessed without the needed permissions, but the target's address book can be accessed freely and is therefore completely exposed." Address book? I'm scared. Don't call my friends!!

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.