If you’re a regular Skype user, it might be a smart idea to sign out when you’re not using it. A newly-uncovered security flaw may make it possible for users to call in to a device without getting approval first.
The flaw, as confirmed by Android Police, allows a user with two devices connected to an account to call the target without their knowledge. To do this, the intruder needs two devices. They can initiate a call to their target from one device, disconnect while it’s ringing, and the target’s account will ring back the intruder’s other device.
Presumably, Skype re-initiates the call to avoid dropped calls over lousy connections. Fortunately, this will still bring up the normal call interface, so if you’re looking at your screen, you’ll be able to see if someone tries to access your computer. However, if you leave a desktop running or aren’t paying attention to your phone, it may still be possible for someone to listen in without you actually accepting a call.
Security Hole In Skype Allows Users To Surreptitiously Connect To Other Users [Android Police]
Comments