karl
November 14th, 2012, 02:16 PM
Skype was today forced to pull its password reset function after a vulnerability was revealed that allowed hackers to hijack accounts using just their victim's email address.
The security flaw allowed an attacker to reset the password of any Skype users, locking victims out of their own accounts and giving the hacker total control.
To exploit the vulnerability, all attackers needed to know was the email address tied to their victim's Skype account to persuade the Microsoft-owned service to provide a password reset token to given them access.
Full story here: http://www.dailymail.co.uk/sciencetech/article-2232757/Skype-forced-pull-password-reset-function-emerges-hackers-hijack-accounts-using-victims-email-address.html#ixzz2CE4TBR9G
Also here: http://www.hoax-slayer.com/skype-password-changed-scam.shtml
And here: http://www.bbc.co.uk/news/technology-20325684
The security flaw allowed an attacker to reset the password of any Skype users, locking victims out of their own accounts and giving the hacker total control.
To exploit the vulnerability, all attackers needed to know was the email address tied to their victim's Skype account to persuade the Microsoft-owned service to provide a password reset token to given them access.
Full story here: http://www.dailymail.co.uk/sciencetech/article-2232757/Skype-forced-pull-password-reset-function-emerges-hackers-hijack-accounts-using-victims-email-address.html#ixzz2CE4TBR9G
Also here: http://www.hoax-slayer.com/skype-password-changed-scam.shtml
And here: http://www.bbc.co.uk/news/technology-20325684