Microsoft Investigating Skype Breach Exposing IP Addresses

Microsoft is reportedly looking into a Skype vulnerability that allows a third party to view a user's last known IP address. The exploit was first made known last week via instructions on Pastebin showing how someone can download a patched version of Skype and obtain any Skype member's IP address, whether they're contacts or total strangers.

"We are investigating reports of a new tool that allegedly captures a Skype user's last known IP address," a Skype representative said in an emailed statement. "This is an ongoing, industry-wide issue faced by all peer-to-peer software companies. We are committed to the safety and security of our customers and we are taking measures to help protect them."

After downloading the patched client, IP snoopers can turn on debug-log file creation by adding a few registry keys. After that, they can add a Skype contact simply by viewing the user's Vcard -- sending an add request is not needed. However, both the snooper and the victim must be online -- IP addresses cannot be obtained when targets sign off the network.

"Take a look in the log of the desired skypename," the instructions read. "The record will be like this for real user IP: -r195.100.213.25:31101. And like this for user internal network card IP: -l172.10.5.17."

Once obtained, the IP address can then be used in a WHOIS service to acquire the target's city, country, Internet Service Provider and internal user IP address. Other details like name and telephone number typically can't be obtained.

Microsoft scooped up Skype back in October 2011 for a meaty $8.5 billion. Since then, Skype has arrived on Windows Phone and Sony's PlayStation Vita. There are also signs that Microsoft plans to introduce Skype as a Web app for browsers later this year, and that the popular VoIP service is finally headed to the Xbox 360 console.

So far, Microsoft and Skype have not released an official public statement regarding the IP snooping tool. "Our security experts are aware of it and looking into it already," said Skype's community manager Monday morning. Skype users are advised to sign off when they're not using the service until the issue is resolved.

  • That's one of the worst such vulnerabilities that I've ever heard of.
  • born2rock4life
    Haven't seen a vulnerability like this since you could use Direct Connect in AIM to share images, and then run a netstat -r. Good times.
  • sounds like a lot of cam "workers" are gonna find themselves real life stalkers.