Skype is warning users
following the launch of a site devoted to harvesting user IP
addresses.The Skype IP-Finder site allowed third-parties to see a user's
last known IP address by simply typing in a user name.
A script has been uploaded to
Github that offers these options. According to the page, it can be used
to lookup IP addresses of online Skype accounts, and return both the
remote and the local IP of that account on a website.
The script is available. You need to just enter the user name of a Skype user, fill out the captcha, and
click the search button to initiate the lookup. You will receive the
user’s remote IP and port, as well as the local IP and port.
Adrian Asher, director of product Security, Skype “We
are investigating reports of a new tool that captures a Skype user’s
last known IP address. This is an ongoing, industry-wide issue faced by
all peer-to-peer software companies. We are committed to the safety and
security of our customers and we are takings measures to help protect
them.” The proof of concept is fairly
simple. All an attacker needs to do is download a special Skype variant
and alter a few registry keys to enable debug-log file creation.When
adding a Skype contact, before sending the actual request, the victim’s
information card can be viewed. At this point, the log file records the
user’s IP address.
The software, posted on Pastebin,
works on a patched version of Skype 5.5 and involves adding a few
registry keys that allow the attacker to check the IP address of users
currently online. Services like Whois will then give some other details
on the city, country, internet provider and/or the internal IP-address
of the target.
This particular flaw was discussed in a paper presented by an international team of researchers in November at the Internet Measurement Conference 2011 in Berlin.
There is currently no way of
protecting yourself against the lookup of the IP address, other than not
logging in to Skype when the software is not needed. The only other
option would be the use of a virtual private network or proxy to hide
the IP address from users who look it up.
0 comments:
Post a Comment