Skype account hijack | Breaking Cybersecurity News | The Hacker News

Those innocent-looking apps in your smartphone can secretly spy on your communications or could allow hackers to do so. Hard to believe, but it's true. Recently, Trustwave's SpiderLabs analysts discovered a hidden backdoor in Skype for Apple's macOS and Mac OS X operating systems that could be used to spy on users' communications without their knowledge. The backdoor actually resides in the desktop Application Programming Interface (API) that allows third-party plugins and apps to communicate with Microsoft-owned Skype — the popular video chat and messaging service. Appeared to have been around since at least 2010, the backdoor could allow any malicious third-party app to bypass authentication procedure and provide nearly complete access to Skype on Mac OS X. How an Attacker can Take Complete Control of Your Skype The malicious app could bypass authentication process if they "identified themselves as the program responsible for interfacing with th...

It looks like Skype has another big hole in their security. According to reports, a security hole makes Skype accounts vulnerable to hijacking. The security hole allows unauthorized users with knowledge of your Skype-connected email address to change the password on your Skype account, thus gaining control of it. The hijack is triggered by signing up for a new Skype account using the email address of another registered user. No access to the victim's inbox is required one just simply needs to know the address. Creating an account this way generates a warning that the email address is already associated with another user, but crucially the voice-chat website does not prevent the opening of the new account. Then hacker just have to ask for a password reset token , which Skype app will send automatically to your email, this allows a third party to redeem it and claim ownership of your original username and thus account. The issue was reportedly documented on Russ...

CrowdStrike is named a Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms for the fifth consecutive time, positioned highest on Ability to Execute and furthest to the right on Completeness of Vision.