14 DAY TRIAL // Researchers from universities in Germany, USA and France have worked together to prove that real-time communication applications can be exploited to determine the current IP of a user even if he sets his privacy settings to offer an enhanced protection.
The experimental paper called “I Know Where You are and What You are Sharing,” focused on the use of Skype, but it seems as MSN Live, QQ and Google Talk customers are also susceptible to such an attack.
By calling a targeted account holders periodically, they were able to observe his mobility and by combining Skype with BitTorrent, they proved that it's possible to determine the filesharing habits of certain internauts.
The estimated costs of an operation that allowed the tracking of 10,000 users by utilizing a cloud computing platform was estimated at $500 (350 EUR).
So how does the method actually work?
Because Skype has an advanced member search engine, it's fairly easy to precisely locate someone. After identifying the target, they were able to send packets to his account that returned data which could reveal the IP address they were currently using.
The whole operation is unnoticed by the victim as all the SYN packets of any TCP connections were dropped. This allows the process to take place even if the caller is blacklisted or not in the target's contact list.
The obtained IP addresses of individuals were matched against BitTorrent sites which revealed their activity even when the test subject's device was a component of a larger network.
According to the paper, one way to counterattack this weakness is by designing the VoIP system “so that the callee's IP address is not revealed until the user accepts the call.”
This is not the first time we hear of vulnerabilities in Skype. Even more serious ones were pointed out recently by Benjamin Kunz, founder of the Vulnerability Laboratory in an exclusive interview.
“The discovered local & remote vulnerabilities can result in the an account steal, session hijacking or for example execution of malicious content out of the software context. Skype exploitation on the black scene is very rarely because of the tricky art of exploitation inside of the software,” Kunz revealed.
“On Skype there are not much techniques know which could lead to mass exploitation because Skype security works in cooperation with hackers & researchers.”