Malware

Skype IMs Go Rogue

Some users of Microsoft’s Skype service are having problems with their text messages, as detailed in the Skype support network.

Skype instant messaging contacts are getting messages originally addressed to others. A few users who got messages from one Skype contact found those messages were somehow sent from their accounts to yet other Skype contacts without their knowledge. Some received messages from Skype users they didn’t know.

The problems apparently began after users updated to a new version of Skype in June.

A Skype admin named Claudius responded in the support network forum that the company’s investigating the problem and hopes to provide a solution. Claudius also recommended users download the latest version of the Skype software.

“We are aware that, in rare circumstances, IMs between two contacts could be sent to an unintended third contact,” Skye representative Chaim Haas told TechNewsWorld. “We are rolling out a fix for this issue in the next few days and will notify our users to download an updated version of Skype.”

What Might Have Happened

Skype hasn’t specified the exact root of the problem, but “there are a number of things that could cause this,” Jim McGregor, founder and principal analyst at Tirias Research, told TechNewsWorld. “It could be a bug arising from capabilities with a particular operating system or other application configuration, or a bug within someone’s computer system, or a bug in the application.”

Typically, problems like this are linked to viruses on a user’s system, McGregor remarked. “I doubt that it’s a widespread problem, but a bug in the recent release is always a possibility. Software is never perfect, which is why we have a constant stream of updates.”

Only a “small number” of users have been affected by this “rare occurrence,” Skype’s Haas stated. “We’re hoping to provide additional clarification shortly.”

Skype’s Security Issues

This isn’t the first time Skype has had security problems. In May, a tool published on Pastebin that captures the last-known IP address of a Skype user made the headlines.

The tool exploited a flaw in a patched version of Skype 5.5 that lets anyone see another person’s vCard and get that person’s real user IP address and the IP address of the internal network card on that person’s PC. More information about the target, such as where he or she is located and the Internet service provider the target is using, can then be obtained by going to a Whois service.

The flaw was publicized in November of 2011 by an international team of researchers in a paper presented at the Internet Measurement Conference 2011 in Berlin. They contacted Skype and Microsoft, which had purchased Skype, about the flaw. Skype said in May that this flaw exists in all peer-to-peer software. Skype’s Haas did not respond when asked whether this flaw had been fixed, and whether this flaw and the latest IM problem are related.

In April, a vulnerability in Skype for Android that would affect at least 10 million users of that app was discovered and publicized on the Android Police blog.

In June, a Skype user complained of security issues with Skype for iPad. About once a week, he’d get a message on his iPad that someone was calling him on Skype, or he’d see a message that he’d missed calls. In both cases the people apparently trying to contact him were not on his contact list.

Possible DIY Fix for Skype IM Issues

Users whose Skype IMs are going to other users without their knowledge should scan their PCs first for any viruses, then delete Skype, Tirias Research’s McGregor recommended.

Next, they have to make sure that their system meets all Skype’s requirements and has all system-level updates installed. Finally, they should reinstall Skype and see if this fixes their problem.

Skype has pledged to roll out a solution to the IM problem soon.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by Richard Adhikari
More in Malware

Technewsworld Channels