Skype Android App Puts Personal Data at Risk
Skype's Android app contains a serious security flaw that can be exploited to put sensitive user information, including names, addresses and phone numbers, at risk.
MSNBC reports that the researchers at Android Police rigged the Skype app to allow its folders and databases containing all the data related to the Skype app and your account to be accessed by anyone.
This accessible data is not encrypted, and can include a user's chat logs, name, address, email address, date of birth, webpage, bio and phone number.
A rogue developer could modify an existing application with code from our Proof of Concept (without much difficulty), distribute that application on the Market, and just watch as all that private user information pours in, Android Police wrote.
Credit card information cannot be accessed, Android Police said, and the security bug was not found on Skype's mobile app for Verizon phones.
What's particularly troublesome is that Skype introduced its Android app in October 2010. Android Police estimates in that time, at least 10 users have potentially made their private smartphone information public.
MSNBC warns Android users to avoid apps with questionable origins. Security experts always advise app users to avoid third-party app stores, which are notorious hotbeds of corrupt apps .