Hacker News new | comments | show | ask | jobs | submit login
Skype security issue allows to steal any account (qbakanet.tumblr.com)
4 points by amima 1483 days ago | hide | past | web | 7 comments | favorite

I've just tried on OS X, Skype v6.0.0.2946. The password marker doesn't appear in the Skype client under the new account; only in the Inbox.

UPD: Tested on Windows 7, Skype v6.0.0.120. The notification about the password reset token does appear in the Skype client, but no reset code is shown. And I couldn't figure out making it visible or click-able.

Verdict: can't reproduce.

Try refreshing the welcome page in Skype client to see Facebook page, close it, and then you will see the password marker.

OMG! You're totally right! I've pressed Ctrl+F5 on the home screen, skipped the Facebook thing, and here they are! http://www.xiag.ch/share/2012-11-14_1021.png

A Google translate version of the original report was on the frontpage but now has vanished. Weird!

Has anyone bothered actually checking this? Is there a proof video or smth?

Lots of people already tried, several of my friends did experienced account hijacking. And I also tried myself (tested on my good friend account just to make sure). It is working. At least it was two hours ago. And as far as I know, it is still the issue.

I sort of tried and it worked well until I got to the part about the marker or whatever.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact