Check out our Monthly Survey Page to see what our users are running.
"goo.gl" virus on skype - how does it send the messages?
Guppy Jul 2, 2018
So yesterday a friend writes to to ask about a link I've sendt on skype ( which I haven't used for 3-4 years, except to make video call to my sons when I'm away ).

Now the strange thing is I've skype installed on only on my LDMDE box at work ( which was off ) and on my phone.

All guides I've found online suggest that it's a trojan on window and offers paid software to remove it.

So I'm left with three possible vectors for the messages;
  • My android phone is hacked

  • My skype accounts password has been stolen

  • Skype has once again had a protocol vulnerability that allows random people to send messages to your contacts



#3 would've made the headlines I think.
#2 they would have changed password and/or abused my credit cards.

So it's quite possible nr 1 - but how the f... do I check that?
I only ever install apps from the playstore but then there are a number of remote code execution vulnerabilities on android so..
Guppy Jul 2, 2018
Installed Bit defender and Malware bytes on the phone - both gave the all clear, added two step auth on my microsoft acc. which I certain to regret soon enough :|
kaiman Jul 3, 2018
I've been getting two of those in the last week, coming from my wife's Skype account. Only, she hasn't used that account for years, and I don't think it's even active on any of our devices any more. Perhaps the accounts sending these messages have been hijacked?
Guppy Jul 4, 2018
Quoting: kaimanI've been getting two of those in the last week, coming from my wife's Skype account. Only, she hasn't used that account for years, and I don't think it's even active on any of our devices any more. Perhaps the accounts sending these messages have been hijacked?

The official stance from microsoft is that 3rd party have obtained the email/password because you've used it on other sites aswell.

Now granted my email is found in a few leaks as confirmed by https://haveibeenpwned.com;

adobe
gpotato
Unreal engine
antipublic ( dupes of the above )
Exploit.In ( same )

As all of the above leaks have been made accessible via torrents I know for a fact that none of them used the same password as I use for my microsoft account.

It's of course possible that they cracked the password through other means, but I would think they would have been more creative with the possibilities - especially given that there was potential for creditcard fraud.

Even so I've added 2-step auth that way if/when it happens again at least I have proof that they are wrong ;)

If you wife does not use her account you should delete it and/or add 2-step
razing32 Jul 5, 2018
Would be curios how they got in , in the first place.
Do you mind me asking what service was the email on ?
g000h Jul 5, 2018
It's probably worth thinking outside the box - For instance, maybe the hacking is on your router, and that is the attack vector instead.
Guppy Jul 11, 2018
Aaand it happened again - this time atleast I discovered it rather fast because the translated replied that I needed to add more people to the converstation :P

So it seems that two factor auth is not a solution here :(
Guppy Jul 11, 2018
Spendt way to long talking to MS support -.-'

Aparently even though I sign into my skype account using the same email and password as my microsoft/live/xbox account they are in no way linked* - you need to create a NEW microsoft account and link you skype account to it and enable 2FA for that.
While you're here, please consider supporting GamingOnLinux on:

Reward Tiers: Patreon. Plain Donations: PayPal.

This ensures all of our main content remains totally free for everyone! Patreon supporters can also remove all adverts and sponsors! Supporting us helps bring good, fresh content. Without your continued support, we simply could not continue!

You can find even more ways to support us on this dedicated page any time. If you already are, thank you!
Login / Register


Or login with...
Sign in with Steam Sign in with Google
Social logins require cookies to stay logged in.