Bad news for Mac OS users: 5-year-old Skype backdoor detected
IT specialists have found a significant vulnerability in another globally used application – Skype. Interestingly, that a secret backdoor, which grants a remote access to your computer, only works in Apple devices [1]. Fortunately, this vulnerability does not affect the entire Skype population. At least, for now. Meanwhile, IT developers have rushed to issue an update to fix the problem.
Setting backdoor in popular applications is not a novelty among hackers. Quite recently, Android users, who purchased their phones in the US territory, have fussed over the news that backdoor in their phones supposedly had transmitted data to the server located in China [2]. In this case, Mac OS users risk being the main victims of Skype backdoor. Fortunately, Trustware‘s SpiderLabs experts had found the law before the crooks devised a massive cyber attack. The vulnerability lied in Application Programming Interface, the set of protocols, routines, and tools enabling to maintain intercommunication between several programs [3]. IT specialists have observed that the backdoor could be easily accessed. Racketeers can evade authentication process by altering values in Skype Dashboard widget programs. Within seconds, the crooks can sneak into your device and violate your privacy.
Skype has been compromised having backdoors several times in the past already. A couple of days ago, virus researchers were preoccupied with another discovery – T9000 backdoor trojan. It is said to take snapshots of certain applications, including chats [4]. Analysts conclude that it is another variation of previous T5000 backdoor. Unlike this case, when the malware threatens Mac OS users‘ privacy, both, T9000 and T5000, aimed at bigger corporations.
Interestingly that this backdoor has “survived” more than 5 years. Analysts speculate that it might have appeared in 2010. Fortunately, Skype developers took immediate measures to fix the flaw. Trustware detected the backdoor already in October and rushed to notify Microsoft. As a result, the backdoor was eliminated in Skype 7.37 version. If you still haven’t updated Skype, do it now. In general, all users of this application should check whether they possess the latest version [5]. Staying up-to-date lowers the risk of encountering exquisite malware.
- ^ Kristen Hubby. Everything you need to know about backdoors. The DailyDot. A look into a secret, mostly unknown portal.
- ^ Matt Apuzzo and Michael S. Schmidt. Secret Back Door in Some U.S. Phones Sent Data to China, Analysts Say. The New York Times. News, Opinion, Arts, Living.
- ^ Vangie Beal. API - application program interface. WeboPedia. Online Tech Dictionary for IT Professionals.
- ^ Doug Olenick. Skype targeted by T9000 backdoor trojan. SM Magazine. The Cybersecurity Source..
- ^ How do I keep my version of Skype for Windows desktop up to date?. Skype Support.