Flaw in Skype Makes It Easy to Eavesdrop on Anyone With an Android Phone

If you currently have the Android version of Skype on your phone, it looks like there is a flaw in the software that makes it easy to eavesdrop on anyone with the client. As it stands right now, it looks like the flaw is only in the Android version of the software, but considering Android has a massive user base, this issue likely affects a large population of users.
Flaw in Skype Makes It Easy to Eavesdrop on Anyone With an Android Phone
The Skype logo is pictured at Skype headquarters in Luxembourg, Tuesday, May 10, 2011. AP Photo
Updated:

If you currently have the Android version of Skype on your phone, it looks like there is a flaw in the software that makes it easy to eavesdrop on anyone with the client. As it stands right now, it looks like the flaw is only in the Android version of the software, but considering Android has a massive user base, this issue likely affects a large population of users.

Here’s how it works, the flaw exists in the Android version of Skype and what happens is, you can force that client to call you back which activates the camera and microphone of the target. To exploit the flaw, you need two Skype devices and follow the steps below:

  1. Have 2 devices signed into your Skype account. Desktop and phone will do.
  2. Call the target’s Android Skype account with device 1.
  3. Disconnect device 1 from the Internet as the target phone is ringing.
  4. Target phone will immediately call you back.
  5. Pick up with device 2.

The reason we believe that the phone calls you back is likely related to Skype trying to re-connect a dropped call. But, because a call was never completed in the first place, this means that you can turn on a remote user’s microphone and camera using this method.

Republished with permission from Neowin. Read full article