A vulnerability has been found in the mobile version of Skype that allows criminals to know the user's IP address. This is reported by the 404 Media portal, referring to a researcher in the field of cyber security known by the pseudonym Yossi.
According to Yossi, a hacker can find out a user's location by sending him a message with any link. When the user opens that message, their IP address will be transmitted to the hacker's server.
Yossi demonstrated this method with the example of a 404 Media journalist, whom he was able to identify even when the journalist was using a VPN service that hides the user's IP address.
Yossi claims that he reported the problem to Microsoft, the owner of Skype, on August 12, but it was not taken seriously. At the time, Microsoft stated that revealing the IP address was not considered a security vulnerability.
Only after 404 Media reached out to Microsoft for comment did the company promise to fix the vulnerability in a future update. However, Microsoft did not specify specific dates.
Skype was launched in the fall of 2003. In May 2011, Microsoft acquired this company for $8.5 billion. By then, Skype had over 650 million users. According to Statista, Statista will have more than 2.27 billion users in 2024.