Privacy flaw in Skype Android app exposed

Skype "working to protect you" from vulnerability.

Skype has acknowledged a dangerous flaw in its Android app which leaves the private data of its users open to be exploided by malicious apps.

While the app itself hasn't been giving the data up to snoopers, the design of the app leaves a database file unencrypted, leaving things like your username and password, email address, address and phone number exposed.

If a user has a malicious app installed on their Android phone then those details can be pilfered and sent back to the shady individual in question.

In a brief blog post, Skype has said it is "working to protect you from this vulnerability."

The flaw was discovered by the super sleuths at AndroidPolice.com who posted the following information:

"The most interesting file one can gain access to is main.db. The accounts table in this database holds information such as account balance, full name, date of birth, city/state/country, home phone, office phone, cell phone, email addresses, your webpage, your bio, and more.


"The Contacts table holds similar information, but on friends, family and anyone else in your contact list (that is, more than Skype exposes on other users publicly). Moving further along, looking into the Chats table, we can see your instant messages – and that's just the tip of it. Scary.


"This means that a rogue developer could modify an existing application…, distribute that application on the Market, and just watch as all that private user information pours in. While the exploit can't steal your credit card info, the data it's harvesting is still clearly very private (chat logs linked back to your real name, address, and phone number)."

Link:AndroidPolice

Comments

Be the first to comment…

Back to top
Close
T3 Newsletter
Sign up to recieve the T3 newsletters by entering your details below

Your Details

As you're registering with us. we'd like to think that you'd enjoy receiving the following emails; if you'd rather not receive them, please untick the boxes:

I would like to receive other emails from T3, Future Publishing Limited and it's group companies containing news, special offers and product information
I agree to the terms of use and privacy policy and confirm that I am over 16 years of age *
Close
Log in or Join

By clicking below you agree to our terms and conditions and our privacy policy

Log in to T3.com with your preferred social network

Log in with your T3.com account

CloseJoinPlease complete these additional details

Join T3.com with your preferred social network

OR

Join T3.com

Please tick this box to confirm you are 16 years old or over

Just so we know you're human

Newsletters

I would like to receive T3 email newsletters, packed full of the latest tech news, competitions and exclusive offers.

I would like to receive other emails from T3, Future Publishing Limited and its group companies containing news, special offers and product information.

I would like to receive offers from carefully selected third Parties. We will not share your data with the third party.

Close Edit your profile

Change your password

Newsletters

I would like to receive T3 email newsletters, packed full of the latest tech news, competitions and exclusive offers.

I would like to receive other emails from T3, Future Publishing Limited and its group companies containing news, special offers and product information.

I would like to receive offers from carefully selected third Parties. We will not share your data with the third party.

Social networks

You have authorised these social networks to interact with your T3.com account.

Please ensure you deactivate or revoke access to this website from within your social networks settings to ensure all permissions are removed.

Close Forgotten your password

Forgotten your password?

Please enter the email address that you used to sign up and we'll send you a new password

Close
Forgotten password
Don't have a T3 Account? Join now