May 1, 2012 at 12:58 PM ET
A security hole in Skype could allow hackers to obtain the Internet Protocol address of users of the popular video calling software.
"We are investigating reports of a new tool that allegedly captures a Skype user's last known IP address," said Adrian Asher, Skype's director of product security, in a statement to msnbc.com.
The problem, said Asher, is "an ongoing, industry-wide issue faced by all peer-to-peer software companies. We are committed to the safety and security of our customers and we are takings measures to help protect them."
An IP address is basically the computer's address on the Internet, and it can be used by hackers to send malware to a computer or, for example, to commandeer a computer to help launch a denial-of-service attack on a website.
The Skype vulnerability and how to run the exploit is explained on a file-sharing site. The person sharing the information doesn't seem to be fluent in English, judging from the wording in the post. In part, it reads:
This is help you to get info about skype user: City, Country, Internet provider and internal user ip-address ... Now you can troll him about CIA and Mossad, he-he.
Skype has an estimated 600 million users worldwide. The company was bought by Microsoft last year. (MSNBC.com is a joint venture of Microsoft and NBC Universal.)
Pradeep Chandrasekaran of Ubergizmo notes that the Skype exploit can "only work if the intended user is also online. The only ways to protect against this process is by logging off your Skype when it isn’t in use or by applying a virtual private network which effectively cloaks your IP address."