Log in

View Full Version : Skype forced to pull password reset function


karl
November 14th, 2012, 02:16 PM
Skype was today forced to pull its password reset function after a vulnerability was revealed that allowed hackers to hijack accounts using just their victim's email address.
The security flaw allowed an attacker to reset the password of any Skype users, locking victims out of their own accounts and giving the hacker total control.
To exploit the vulnerability, all attackers needed to know was the email address tied to their victim's Skype account to persuade the Microsoft-owned service to provide a password reset token to given them access.



Full story here: http://www.dailymail.co.uk/sciencetech/article-2232757/Skype-forced-pull-password-reset-function-emerges-hackers-hijack-accounts-using-victims-email-address.html#ixzz2CE4TBR9G


Also here: http://www.hoax-slayer.com/skype-password-changed-scam.shtml


And here: http://www.bbc.co.uk/news/technology-20325684

Gandalf
November 14th, 2012, 03:33 PM
Could this be why I couldn't access skype from my phone when it logged me out yesterday, thanks for sharing.

I'm worried now though :worry:

Lyra Heartstrings
November 15th, 2012, 04:46 PM
..Well that's worrisome. Silly Skype. You're just getting worse and worse.