Skype Investigating Exploit That Reveals Users’ IP Addresses
Skype announced today that it’s looking into a new tool that retains a user’s last known IP address. The tool, for which instructions were posted on Pastebin last Thursday, reveals a person’s IP address without the need to add the targeted person as a contact first.
According to ComputerWorld, the privacy-breaching tool can uncover the IP address of a Skype user by simply looking at the user’s general information and log files. Skype, which was acquired by Microsoft last year, assured the user community that they were on the case and said in a statement:
We are investigating reports of a new tool that allegedly captures a Skype user’s last known IP address. This is an ongoing, industry-wide issue faced by all peer-to-peer software companies. We are committed to the safety and security of our customers and we are takings measures to help protect them.
While knowing a last known IP address won’t reveal the Skyper’s name or physical address, it’s still a privacy concern nonetheless. As ghacks points out, the IP address can be used to pinpoint the general location (such as the city) of the Skype user, which could be concerning for the paranoid and can-never-be-too-carefuls.
Given that Skype’s seen a swell of users this year, it’s not likely that the exploit will remain unattended to for too long. Having recently crossed the milestone of 40 million concurrent users, Skype doesn’t want to see that number take a dip. They may already have a solution in the works for this exploit given that a research paper was published last October in which details of how to secretly determine a user’s IP address were explained.