A security researcher demonstrated how to discover a target’s IP address by sending a link over the Skype mobile app.
The security researcher Yossi discovered that is possible to discover a target’s IP address by sending a link over the Skype mobile app. The researcher pointed out that the attack only requires the target to open the message. The problem only impacts the Skype mobile app.
The knowledge of the IP address can allow threat actors to find the physical location of the target posing a risk to their privacy, security, and safety.
According to 404 Media, Yossi reported the issue to Microsoft earlier this month, but it seems that the company initially downplayed the problem and gave no indication that it plans to address the flaw.
“[the] disclosure of an IP address is not considered a security vulnerability on it’s [sic] own,” Microsoft told Yossi.