Now it has been resolved by Skype who announced on Wednesday that it had taken precautions and closed a security flaw that let anyone reset a Skype user’s password. Russian hackers found out that anyone can hack a user’s Skype account by using the email address tied to that account. Didn’t get the point, the flaw and hole is simple, when a person knows the email address of another ones Skype user, they can simple used that email and create yet another new Skype account. That’s it! How to get rid of it is below, check it out!
Actually, this allows the hacker to get a password reset token which is sent to the Skype app itself, so by using the same token can be redeemed to eventually claim ownership of the account. To stop it right now, simply change the email address on Skype.
Originally what happened? Skype has plugged a hole in its password recovery process that allowed outsiders to gain control of a Skype user’s account. Now Skype has fixed a Skype security flaw that may have been circulating on Russian hacker forums for months. Microsoft has disabled the option for users to reset their Skype passwords after security experts uncovered a serious flaw.
” To protect against this vulnerability, Raiu advises that users change the email address associated with their Skype account to a new, never-before-used address.”
The vulnerability allowed people to sign up to Skype with email addresses already in use by others and then force password resets for accounts associated with that address in order to gain access to your account.
Skype has temporarily disabled password reset and are investigating the situation. Hopefully it is sorted very soon. Until then change your email address! (via PC World)