A worrying vulnerability has been discovered in the Skype, Android application, which currently has around 10 million Android users. The discovery was uncovered by the Android Police website team, and shows that the users personal information including contacts, profile, IM logs, and other information within the Skype app is open and available for nefarious and malicious apps to steal.
The security flaw which is due to improper permissions on key files was first found in the new Video application but was then traced back to the standard version of Skype for Android as well. Watch the video of the vulnerability after the break to see the exploit in action.
The information stored by Skype within the files, is not only accessible but unencrypted, and could allow a rogue developer to modify an app and harvest your private data, including your accounts information that contains your name, date of birth, cell phone number, and more. Android Police have posted a proof-of-concept walk through of the dangers this vulnerability brings with it.
**The “Skype Mobile for Verizon” version of the app appears unaffected at this time
Source : Android PoliceFiled Under: Android News, Technology News