advertisement
Making Skype calls on Android could leave your phone vulnerable, allowing anyone to access content on the device without needing you to unlock it. This scary issue has been highlighted by a Florian Kunushevci from Kosovo quoted in a report by Threatpost, who claims to be a bug hunter, prowling around devices for issues with software and apps.
He’s even demonstrated the problem with the Skype app, that not only allows users to view their photos, but get access to contacts and phone’s browser (and its history) as well.
Below is the video, where Florian has shown how easily the Skype app, when you’re receiving a call is able to bypass a phone’s lock code and gain access to all the content on the device.
He believes that with this issue, anybody getting access to a phone, just had to make a Skype call to get hold of confidential data that otherwise wouldn’t have been accessible without the user’s consent.
In Microsoft’s defence, the issue reported by Kunushevci in October last year was reportedly fixed for bugs and the updated version of Skype Android app was made available to users in December.
Florian Kunushevci even reached out to the world via his LinkedIn post titled Skype Android Authentication Bypass
It’s interesting the app has been fixed, but we’re yet to officially hear about the matter from Microsoft. It’s good the company managed to fix the issue at hand before a major incident breaks out.
Kunushevci also stressed that the vulnerability is confined to the Skype Android app and didn’t spread across to users on iOS or Windows 7/10.
It has been a few months since Skype decided to support end-to-end encryption while making calls, but with issues like this, it doesn’t matter if your device is secured or not. Apple users faced a similar issue with earlier versions of iOS 12 that allowed anyone to bypass the phone’s lock screen.
(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)