SBM Labs

Cyber Security Collaboration Project

Skype Account Compromise
23 Mar 2017

Let's look at case when your Skype account was hacked. For example, in order to get financial help using contact list.

What Skype recommendations?

Ok. But what should we do if attacker has changed password and updated security info?

So we can't proceed with password recovery form. In this case Skype suggests to provide as more info about us as we can in order to restore access to account. But your attempts can be failed and you'll receive reply that there is not enough information. It is sad.

Do not despair! You still have a chance to return Skype account.

1. First of all you need attacker e-mail address that was specified in security info of your Skype account. You can get e-mail domain during password recovery. Full e-mail address can be disclosed during account recovery process in notifications from Skype.

2. Check attacker e-mail domain for "temp mail" (kind of service) usage.

$ nslookup
> set type=mx
> [DOMAIN_NAME]

3. Go to "temp mail" service provider. It can provide public access to temp mailboxes. So you will get access to temporary mailbox that was used during attack and opportunity to restore access to your Skype account!

4. Don't forget to change password, update security info and check active Skype sessions.

/showplaces
/remotelogout

Simple PHP Backdoor
Spam-Infected Website
Protection of CMS Joomla administration panel
Theft of American Express, Visa and MasterCard card data