Adjust text size:
Hundreds of people reported to Skype that their accounts had been hacked. The victims either couldn't log in anymore, or discovered that unapproved payments had been made by someone using the embedded PayPal option. The transactions performed via Skype prompted users to vehemently complain about the security breaches allowed by the company.
And what better method to resort to than writing directly to Skype and asking for some sort of retribution, no matter if it's about retrieval of passwords or refunding the money lost to the hijackers? Surprisingly enough, the company seems to have remained impassive to most of the complaints received so far. On the Skype board of discussions, one user claims to have sent the company one email a day, starting with the moment he discovered that his account had been hacked. In some cases, although at least one month separated the incident from the time of posting on the forum, no answer came from the company.
Hijackers often break into the account and use it to steal, if money is not available, personal information about the persons in the victim's contact list. So, unwary people don't pay attention to details, and can't tell the difference between their friend and the person who hacked into their accounts.
“I usually talk to my brother in Germany several times a week over Skype, and since I got hacked he has seen my account online with changed profile and country setting.” one user says about the moment he realized that his privacy was being endangered.
The few emails that Skype eventually does send back usually bring nothing but bad news. “Skype can not refund the money you might have lost due to this incident. Every user has to take care of his/her security systems on private computers.” is the message sent to a user who managed to retrieve his password, but not the money that he had lost.
No one knows exactly what the security vulnerability exploited by hackers was, since, because of the encryption of the username and password made during the signing in process, a man-in-the-middle attack seems almost impossible to have been employed.
MUST-READ RELATED ARTICLES:
|Comment #1 by: theodore reynolds-koranteng on 21 Nov 2009, 18:24 UTC|| reply to this comment|
Skype account hacked and now way to change password
Someone has hacked into my skype account and I have automatic skype credit refills. I now can't log into my account because my email address that I used to open my skype account is no longer active. There is no way to get in contact with Skype so I am very frustrated. Is there a number I can reach someone at?
can you help me - i have had to create a new account - the hacked account ID is BCDESIGN2
|Comment #2 by: worminator on 19 Feb 2010, 00:07 UTC|| reply to this comment|
My account was hacked, but I was fortunate in that I noticed within 6 hours and my password had not been changed. I changed the password which of course locked out the hackers and reported the fraud ($30 of Skype credit) to Paypal. Paypal did not refund the money, but Skype refunded the credit automatically.
I suspect my account was hacked by simple brute force attack. You should use a strong password, letters and numbers, to protect your account, and ensure that automatic Paypal payments are disabled.
|Comment #3 by: Nube2021 on 19 Nov 2010, 14:47 UTC|| reply to this comment|
My account has beed hacked yesterday and I only use Skype in my office at a departement of a big technical university in Germany, so it is very very secure here. But Skyp still tells me it has to do with my security settings, I should use a better firewall and that's why they don't want to refund anything.
|Comment #4 by: Monkey222 on 23 Dec 2010, 18:14 UTC|| reply to this comment|
I am surprised that Skype has 8.1 million paying customers.
After 4 years of using the free service I recently decided to add Skype credit via PayPal. Within 4 hours, whilst I was logged in and online via the 'secure' client, my £20 credit was being syphoned off by a hacker making calls to Sri Lanka - all recorded neatly in the Call History tab.
Fortunately, I noticed this and was quickly able to change my password from the settings and log out to prevent the hacker changing the primary email account to one of his choice - thus locking me out of my own account.
As a systems engineer I keep my computers malware and virus free, do not login to public computers and employ a strong password policy for all online accounts. I was puzzled as to how my account had been compromised so quickly. After Googling Skype account hacking I was amazed to see the hundreds of similar reports from users who had had their accounts hacked and Skype credit stolen.
Searching further into the murkier side of Skype hacking highlighted how easy it was to hack the Skype database and extract usernames and passwords containing credit. There were even downloadable Skype hacking tools on offer.
I reported this via Live Chat to a Skype support agent. Finding the link alone to this feature was a time consuming effort as Skype bury all their real support links very deeply into generic help pages. The support agent informed me that:
A) Skype would not refund stolen credit
B) The Skype client would not always identify multiple logins to the same account
C) Implied that most likely my computer had been compromised yet then acknowledged the usage of Skype hacking tools aimed at their database
To add insult to injury Skype rarely offer a way of securing your account once compromised or allowing you to delete it should you wish to. Your Skype profile contains all your personal payment information such as credit card details, billing address, etc. They also employ a simply disasterous "Auto Recharge" option for your Skype credit, whereby a payment request is automatically submitted via your chosen payment provider when your credit approaches £0.05. Some unfortunate victims have been powerless to stop these requests being approved and have lost both their existing balance plus top up credit.
Should you wish to close your account (if you still have access to it) Skype recommend you login and replace all existing profile information with bogus credit card and address details, change the password, log out and dont log back in again! This is the extent of their account security.
I think Skype has the potential to be a great tool, it already is on so many levels, yet there are some massive security flaws in this product being exploited in the wild. Google Skype hacking for yourself and read through the misery users are exposed to. The Skype executives shield themselves cleverly behind a layer of support agents who are forced to regurgitate the companies policies when confronted by angry victims of account abuse.
Until Skype come clean about their security issues and face the music then why would anyone use anything more than the free service? I can only imagine the ensuing financial chaos that corporate account hacking will bring should Skype become more mainstream for businesses - and the excitement of that prospect for existing Skype hackers.
|Comment #5 by: ecsk on 03 Jul 2011, 22:39 UTC|| reply to this comment|
I'm the latest victim of hacked Skype user, after googling and browsing all these information, I'd say bye bye to Skype until Microsoft takes this seriously.
|Comment #6 by: Cadboyuk on 17 Aug 2011, 13:51 UTC|| reply to this comment|
This is still happening.....and Skype is still ignoring my emails other than an auto reply. Over £100 was taken from my Skype account and there is NO trace...or so they say! If Skype cannot tell (or don't care enough to respond on) what happened, there is no hope.
Bye bye Skype, you were an expensive mistake!
|Comment #6.1 by: sheesh on 04 Sep 2011, 16:47 GMT|
yeah... found out today I had been making calls to Egypt and Indonesia for a while. Luckily I had lost my cc and the replacement card had a different number so the auto-recharge failed.... phew.
|Comment #6.2 by: Anti-Skype on 19 Sep 2011, 08:37 GMT|
I'm taking them to court in the UK. They are liars and thieves, and only blame their customers for their failings. I'm also sending a complaint to trading standards. This has to be addressed, and they must be punished.
|Comment #6.3 by: Benni on 20 Sep 2011, 21:56 GMT|
I'd be interested to see where you get with that court case Anti-Skype. I've reported it to the police. It is theft... which is a crime. Lets see what they say tomorrow!
|Comment #7 by: Lingers Punter on 06 Nov 2011, 16:45 UTC|| reply to this comment|
My Skype account was hacked on 5 November.
Skype have refused to refund. I have only ever used Skype on own equipment and have always protected password - obviously username available to all. I fail to see how this could have happened without involvement of Skype employeee
|Comment #7.1 by: hacked off on 09 Nov 2011, 22:40 GMT|
happened to me today. I agree it has to be someone in the skype organisation.
|Comment #7.2 by: sheesh on 17 Nov 2011, 05:54 GMT|
Yes, this was my thought exactly. They tried to tell me a virus may have harvested my password or I might have used it at a net-cafe or something... lol nice try. My password was a serious industrial strength one that I really doubt could be guessed or brute-forced, I never used Skype it anywhere except one machine which never leaves the house, and Linux doesn't have a whole lot of viruses.
My conclusion: Skype's compromise is an internal leak. However it is a very profitable one for them so they don't care. Normal users spend their credit very sparingly because they paid for it, but hackers will throw your money around quite happily. In the short run it makes sense for Skype to ignore your plight. In the long run it will probably be the death of the company.
|Comment #8 by: skype sucks on 17 Nov 2011, 11:34 UTC|| reply to this comment|
Skype is pure garbage. I was hacked for over 100 euros and have been trying for over 24 hours to contact Skype and secure my account and am about to give up. I made a few calls from Europe to the US in the last six months, then suddenly someone changes the interface to Chinese and makes 500 calls to the Philippines and this doesn't trigger an automated security alert? Meanwhile I make one purchase on my credit card in Germany and my bank puts a hold on my credit card.
|Comment #9 by: Warhawk101 on 23 Nov 2011, 20:24 UTC|| reply to this comment|
A little bit ago me and my friends were chatting on Skype in a private chat group. I glanced up to see that one of my comments appeared changed which I immediatly thougth a Hacker had done something, but my friends dismissed it, until it happened to them as well. Soon we were chatting with the Hacker, who would change our messages to communicate. I dont pay for Skype and haven't had money stolen but I'm curious, how can someone do that? And, am I the only one this has happened to?
|Comment #10 by: anandcct on 09 Feb 2012, 17:51 UTC|| reply to this comment|
I was just using skype to converse through sound with a friend in USA. I am from India.
While talking I noticed that my screens started changing and it opened my friend's gmail account and was displaying all correspondence. And it was real time and live. Someone was trying to select and delete emails. And I could see it.
So I let my friend know what is happening. And disconnected my internet physically.
I am using a different operating system to post this message. I have not cleared anything on my pc. Any help to track down will be greatly appreciated.
Thanks in advance to those scholars who can help solve my puzzle.
|Comment #11 by: James B. on 23 Feb 2012, 14:24 UTC|| reply to this comment|
Skype has really opened their liability way up by not taking action to secure users data and securing their connections to keep hackers out of the system. This is not the user's fault, but Skype's. And placing the responsibility on the user is Skype's way of saying "I'm not doing anything about it, it's not my fault you got hacked." It's not the user's fault they got hacked, the Hackers need vigorous and high prosecution. If Skype won't do something about it, the governments around the world need to step in and prosecute.
|Comment #12 by: muxaun on 12 Mar 2012, 16:04 UTC|| reply to this comment|
Hello. Somebody hacked my best friend's profile and wrote something about killing...and after one person was killed, and my friend went to prison, only from skype chat. If I can prove that skype can be hacked, he will be saved. He is good person, and some criminals made a very bad joke... please help! How to find documents and official scientific publications for hacking skype? Thanks!
|Comment #13 by: NB on 13 Mar 2012, 02:07 UTC|| reply to this comment|
I had my Skype account hacked recently, and the agent didn't do a * thing about helping me get my account back. I had registered with the same email address I had been using for a while, and now it says it doesn't exist on their records. They THEN tell me to get the account back, I need to verify the email address used. How the hell do you provide an email address that doesn't exist on the system, let alone the hackers email address?!?!
I'm never using Skype again because the support doesn't do enough to help their customers, and their system is like swiss cheese. It's identity theft, and Skype doesn't even lift a finger to try and help.
|Comment #14 by: john_coller on 26 May 2012, 15:12 UTC|| reply to this comment|
My Skype account was just hacked. My balance has been used up and £11.50 deducted from Paypal. If you top up Skype once with Paypal the accounts are linked and a hacker doesn't need the Paypal password. They refused to refund it, Skype refused to remove the link and I had to go through my Paypal account to stop them taking any more money.
Search google trends for Skype Hacked, and it shows there is a big spike at the moment. If it is a password complexity issue the trend would be flat, if it was virus related the trend would be more gradual as the infection spread; The only rational explanation for spikes is a problem at their end.
|Comment #14.1 by: DH on 19 Jun 2012, 03:57 GMT|
My account has been continuously hacked for three months and nothing I could do could stop it. I spent hours emailing and chatting with Skype and tried everything they suggested, changed password, changed email address etc. They kept saying the problem was at my end.
Eventually I changed my password and email address via the internet from someone else's computer and within 24 hours I was locked out of my own account which proved the problem wasn't with my computer.
When I changed my PayPal password the hackers overrode me and topped up my Skype credit six times whilst I was talking to PayPal on the phone.
The PayPal guy was amazed.
Skype and PayPal are now repaying me but Skype hides behind a wall of anonymity and refuses to acknowledge that their security has holes in it.
|Comment #15 by: 89by2 on 27 Aug 2012, 18:14 UTC|| reply to this comment|
I think that the vulnerability is directly in Microsoft's Skype. On the iPhone I got a message to share or backup to MS server my contacts. When I declined, my Skype program closes. There was no alert from MS Skype about doing this. They put it mandatory to accept in order to continue using your account since declining is not an option. And my account is a PAID account. I have to think after reading other posts that this is serious. A law firm should be looking into this Microsoft's malpractice business and start a class action against Bill Gates and his company. We are dealing with security issues, fraud, and maybe, who knows, association to commit a crime.
|Comment #16 by: annoyed on 19 Sep 2012, 23:43 UTC|| reply to this comment|
email@example.com just hacked my account :(
Copyright © 2001-2013 Softpedia. Contact/Tip us at