Jump to content
akkiliON

Social Engineering Skype Support team to hack any account instantly

Recommended Posts

  • Active Members

socialengineeringskypes.jpg

You can install the industry’s strongest and most expensive firewall. You can educate employees about basic security procedures and the importance of choosing strong passwords. You can even lock-down the server room, but how do you protect a company from the threat of social engineering attacks?

For any of you that are involved in security awareness efforts, you know what I am talking about. It could happen tomorrow, it could happen today or it might already have happened.

In a recent disclosure posted by renowned hacker and developer DarkCoderSc (Jean-Pierre LESUEUR) explained that how one can easily Socially Engineer Microsoft Skype Support team to get access to any skype account.

From a social engineering perspective, employees are the weak link in the chain of security measures in place. He simply used the weakness of Skype password recovery system itself.

One simply need to request a new password to Skype support and asking to change the password. After the initial step one needs to proof the real ownership of the account requested. You must give 5 contacts accounts to the support desk.

"That’s easy because you just have to add 5 fake temporary accounts to the target account and its done. Another option is to simply ask the target what people he know on Skype. That option wasn't that hard because I have over 1000 contacts." he suggests the trick.

Within few seconds attacker can become owner of any victim account by proving very basic information to support team.

"Also Microsoft’s Support Team should make a serious effort to communicate better to their customers. At the moment they do not seem to care that much about their customers."

Social engineering is the act of manipulating a person into gaining access or sensitive data by preying on basic human psychology. Still, There is no patch for human stupidity!

Social Engineering Skype Support team to hack any account instantly - TheHackerNews

Link to comment
Share on other sites

nu prea inteleg poi ca sa adaugi 5 contacte si sa vezi pe cine are in lista trebuie deja sa ai acces la acel cont nu?

sau nu am inteles bine...

1. Faci 5 conturi, adaugi victima pe fiecare dintre ele.

2. "Te duci" la skype support si le zici ca ti-ai uitat parola la cont si la mail ul atasat contului skype.

3. Dansi o sa-ti ceara 5 conturi din lista ta pentru a le arata ca tu esti detinatorul contului (cica)

4. Tot ei o sa-ti dea parola noua si o sa-ti seteze un nou mail.

Greets to TrojanForge security experts and friends that help me to acknowledge how all of this was done.

Sa moara fetilii :D

Aceaiasi faza ca aci'.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...