Skype exposing users' Internet addresses to 'entire world'
Online call service Skype is constantly exposes users' Internet addresses to the entire world, giving criminals chance to better target cyber attacks and rivals to locate people.tech reviews Updated: Mar 26, 2013 11:57 IST
Online call service Skype is constantly exposes users' Internet addresses to the entire world, giving criminals chance to better target cyber attacks and rivals to locate people.
The Wall Street Journal and other news outlets had warned about research that showed it was possible to coax Skype into revealing the IP addresses of individual Skype users.
Since then a number of services have emerged to help snoops exploit this vulnerability to track and harass others online.
For example, an online search for " skype resolver" returns dozens of results that point to services (of variable reliability) that allow users to look up the internet address of any Skype user, just by supplying the target's Skype account name.
The idea being that if you want to knock someone offline but you don't know their internet address, you can simply search on Skype to see if they have an account, and then use the resolvers to locate their IP.
The resolvers work regardless of any privacy settings the target user may have selected within the Skype program's configuration panel, the Age reports.
Beyond exposing a users' Internet connection to annoying and disruptive attacks, this vulnerability could allow stalkers or corporate rivals to track the movement of individuals and executives as they travel between cities and states.
Many of these resolver services offer "blacklisting," which for a fee will allow users to prevent other users from looking up the IP address attached to a specific Skype account, said Brandon Levene, an independent security researcher.
According to the paper, Skype was purchased by Microsoft in 2011, but the software giant appears to have done little to address this privacy weakness, despite the attention brought to it and the proliferation of sites offering tools to exploit it.