Do you use the Skype for Android app? Your personal information may be vulnerable thanks to an exploit in the app.
Android Police reports that this exploit was discovered while the site's staff members were digging into a leaked version of Skype Video. They discovered a peculiar security exploit ó which they then proceeded to replicate on the regular Skype for Android app. (It's worth noting that the Skype Mobile for Verizon app appears to be unaffected by this particular exploit.)
It turns out that for some reason the folders and databases containing all the data related to the Skype app and your account are accessible by anyone or any app ó and on top of that, they're not even encrypted:
This means that a rogue developer could modify an existing application with code from [Android Police's] Proof of Concept (without much difficulty), distribute that application on the Market, and just watch as all that private user information pours in. While the exploit canít steal your credit card info, the data itís harvesting is still clearly very private (chat logs linked back to your real name, address, and phone number).Sounds scary, right? It's even more terrifying if you consider that Skype for Android, the app in question, has been around since October 2010. Based on Android Police's estimate, this means that about 10 million users have been at risk of having their data accessed via this exploit since that time.
According to Android Police, Skype is investigating this issue, but in the meantime we suggest staying clear of apps with questionable origins if you're a Skype for Android user ó that'll at least minimize the chances of hitting on a rogue malicious app and having your personal data scooped up.
Technolog - Skype Android app can expose your personal information