Skype is working to fix a security issue in its Android application, which could expose users’ profile information and messaging history. Malicious third-party apps could exploit security problems in the app to access these Skype files, which are stored on your phone.
A Skype spokesman said the problem was brought to Skype’s attention yesterday, and that the company immediately investigated the claim.
The problem was first reported on Thursday by the blog Android Police, which was also the first to find the Google malware apps last month. Android Police first found the flaw in a leaked beta version of the Skype video application, then later discovered it was in the market version of Skype for Android as well.
In a post on its security blog, Skype’s chief security officer, Adrian Asher, acknowledged the issue and cautioned users to be careful about what other apps they download to their phones while the company fixes the problem.
Android Police has posted a video showing the hole, using a proof-of-concept app one of its developers created: