Hacker News new | past | comments | ask | show | jobs | submit login
Skype security issue allows to steal any account (qbakanet.tumblr.com)
4 points by amima on Nov 14, 2012 | hide | past | favorite | 7 comments



I've just tried on OS X, Skype v6.0.0.2946. The password marker doesn't appear in the Skype client under the new account; only in the Inbox.

UPD: Tested on Windows 7, Skype v6.0.0.120. The notification about the password reset token does appear in the Skype client, but no reset code is shown. And I couldn't figure out making it visible or click-able.

Verdict: can't reproduce.


Try refreshing the welcome page in Skype client to see Facebook page, close it, and then you will see the password marker.


OMG! You're totally right! I've pressed Ctrl+F5 on the home screen, skipped the Facebook thing, and here they are! http://www.xiag.ch/share/2012-11-14_1021.png


A Google translate version of the original report was on the frontpage but now has vanished. Weird!


Has anyone bothered actually checking this? Is there a proof video or smth?


Lots of people already tried, several of my friends did experienced account hijacking. And I also tried myself (tested on my good friend account just to make sure). It is working. At least it was two hours ago. And as far as I know, it is still the issue.


I sort of tried and it worked well until I got to the part about the marker or whatever.




Applications are open for YC Winter 2022

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: