MOSCOW, November 14 (RIA Novosti) - One of Russia's top bloggers, Anton Nossik, on Wednesday highlighted the continuing vulnerability to hack attacks of popular internet-phone service Skype.
"I don't want to publish the exact mechanism that makes this possible, I can only testify to the fact that this method works," he wrote.
Nossik is one of the many Russian Skype users to raise the issue. Skype's vulnerability to attack revolves around the "password reset" function, provided the would-be hacker knows the email address initially used to register.
As a RIA Novosti correspondent established, a "how-to" guide posted on internet forums proved very effective, and required no specialist skills.
After registering a new login using the target user's email address, a hacker can gain enough control of the service to change the password, and access the account. From there they can access the accounts of other people who are listed as contacts, change their passwords, and so on.
Skype has disabled the "password reset" option in response, "in the interests of our users' security" the company told RIA Novosti on Wednesday.
Initial information about the problem was published earlier this week on the Xeksec hacker's forum. Although that site was no longer accessible on Wednesday morning in Moscow, the information it contained had already been redistributed via other sites.
According to messages on Community.Skype.com, information about Skype's vulnerability to hacking had already been published in July this year, but nothing had been done to address this weakness.
Skype was established in 2003, and had gained 500 million registered users this year, growing by 170 million annually. The system needs a special program to work, which is found commonly on most PCs. Microsoft Corporation bought Skype in 2011 for $8.5 billion.
Add to blog
You may place this material on your blog by copying the link.