Patreon Logo Support us on Patreon to keep GamingOnLinux alive. This ensures all of our main content remains free for everyone. Just good, fresh content! Alternatively, you can donate through PayPal Logo PayPal. You can also buy games using our partner links for GOG and Humble Store.
Title: "goo.gl" virus on skype - how does it send the messages?
Guppy 2 Jul 2018
So yesterday a friend writes to to ask about a link I've sendt on skype ( which I haven't used for 3-4 years, except to make video call to my sons when I'm away ).

Now the strange thing is I've skype installed on only on my LDMDE box at work ( which was off ) and on my phone.

All guides I've found online suggest that it's a trojan on window and offers paid software to remove it.

So I'm left with three possible vectors for the messages;
  • My android phone is hacked

  • My skype accounts password has been stolen

  • Skype has once again had a protocol vulnerability that allows random people to send messages to your contacts



#3 would've made the headlines I think.
#2 they would have changed password and/or abused my credit cards.

So it's quite possible nr 1 - but how the f... do I check that?
I only ever install apps from the playstore but then there are a number of remote code execution vulnerabilities on android so..
Guppy 2 Jul 2018
Installed Bit defender and Malware bytes on the phone - both gave the all clear, added two step auth on my microsoft acc. which I certain to regret soon enough :|
kaiman 3 Jul 2018
I've been getting two of those in the last week, coming from my wife's Skype account. Only, she hasn't used that account for years, and I don't think it's even active on any of our devices any more. Perhaps the accounts sending these messages have been hijacked?
Guppy 4 Jul 2018
Quoting: kaimanI've been getting two of those in the last week, coming from my wife's Skype account. Only, she hasn't used that account for years, and I don't think it's even active on any of our devices any more. Perhaps the accounts sending these messages have been hijacked?
The official stance from microsoft is that 3rd party have obtained the email/password because you've used it on other sites aswell.

Now granted my email is found in a few leaks as confirmed by https://haveibeenpwned.com;

adobe
gpotato
Unreal engine
antipublic ( dupes of the above )
Exploit.In ( same )

As all of the above leaks have been made accessible via torrents I know for a fact that none of them used the same password as I use for my microsoft account.

It's of course possible that they cracked the password through other means, but I would think they would have been more creative with the possibilities - especially given that there was potential for creditcard fraud.

Even so I've added 2-step auth that way if/when it happens again at least I have proof that they are wrong ;)

If you wife does not use her account you should delete it and/or add 2-step
razing32 5 Jul 2018
User Avatar
Would be curios how they got in , in the first place.
Do you mind me asking what service was the email on ?
g000h 5 Jul 2018
It's probably worth thinking outside the box - For instance, maybe the hacking is on your router, and that is the attack vector instead.
Guppy 11 Jul 2018
Aaand it happened again - this time atleast I discovered it rather fast because the translated replied that I needed to add more people to the converstation :P

So it seems that two factor auth is not a solution here :(
Guppy 11 Jul 2018
Spendt way to long talking to MS support -.-'

Aparently even though I sign into my skype account using the same email and password as my microsoft/live/xbox account they are in no way linked* - you need to create a NEW microsoft account and link you skype account to it and enable 2FA for that.
While you're here, please consider supporting GamingOnLinux on:

Reward Tiers: Patreon Logo Patreon. Plain Donations: PayPal Logo PayPal.

This ensures all of our main content remains totally free for everyone! Patreon supporters can also remove all adverts and sponsors! Supporting us helps bring good, fresh content. Without your continued support, we simply could not continue!

You can find even more ways to support us on this dedicated page any time. If you already are, thank you!
Login / Register
Register Forgot Login?
★ Support Us
Popular this week
Search or view by category
Contact
Latest Guides
MorrowindHow to setup OpenMW for modern Morrowind on Linux / SteamOS and Steam Deck
By Liam Dawe,
10
Hollow Knight: SilksongHow to install Hollow Knight: Silksong mods on Linux, SteamOS and Steam Deck
By Liam Dawe,
1
> View more Tips & Guides
Recently Updated
Buy Games
Buy games with our affiliate / partner links:
Latest Forum Posts
Misc