iPhone Skype vulnerability allows address book content theft, One More Reason to sue Apple

iOS users should watch out next time they decide to take up a conversation via Skype, they could be exposing themselves to a pretty fundamental security hole.

The vulnerability can easily be used to steal content direct from an iOS Skype user during a normal chat log and the victim is none the wiser during the attack. By utilizing the correct JavaScript commands in the attackers username and then sending the victim a message, the script can instruct whatever iOS device is on the receiving end to transfer data back to the attacker.

The attack can only work if the potential victim is using the latest version of Skype for iOS, but providing they are, their address book simply copies to a web server in a single file, easy for download.

Video Demo Below!