Skype for iPhone vulnerability allows hackers to steal Address Book content from a chat message

Brian September 20, 2011 0

If you are using Skype for iPhone or iPod Touch, the Address Book on your device can easily be stolen via a simple chat message.

How does it work?: Javascript commands are entered into the user names Skype account, a chat message is sent to the user who is using the newest version of Skype for iPhone, and a program is loaded onto a web server to receive the Address Book content.

Check out the video below to see it in action.

The report claims there is two oversights that are allowing this to happen so easily:

Failure by Skype to sanitize potentially dangerous JavaScript commands from the text that gets sent in chat messages
iOS allows address book contents accessible to every app installed

Obviously Skype will need to address this issue quickly or Apple should pull it from the App Store until it is safe.

(Suprever)

TAGS » address book, apple, apple headlines, apple news, hack, iOS, iphone, ipod touch, skype, vulnerability

POSTED IN » Apple, iOS, News

Skype for iPhone vulnerability allows hackers to steal Address Book content from a chat message

Tips:

Apps: