Skype has not been attacked, eBay said Friday, dispelling rumors that Russian hackers took down its popular online telephony service.
For more than a day now, millions of Skype users have been knocked offline by a major service outage that has crippled the service. By Friday morning, things had improved for some users, but many were still unable to connect.
eBay attributes the outage to a problem in a Skype networking algorithm, but code has been posted to a Russian security discussion forum that could supposedly be used to knock the service offline in a DOS (denial of service) attack.
The code, which was published anonymously, appears to be capable of forcing Skype's servers to freeze up, said the discussion forum site's editor, Valery Marchuk, in a posting to the Full Disclosure security discussion list. "Reportedly, it must have caused Skype massive disconnections," he wrote.
Not necessarily so, say researchers who looked at the code Friday.
The code is designed to repeatedly launch Skype and overwhelm the server with information, said Andrew Storms, director of security operations with nCircle Network Security. "But I couldn't say if it would have this kind of potential DOS effect on all of Skype," he said.
The code simply would not work as advertised, said Stefano Zanero, CTO with Secure Network SRL. "The attack code is fake, no doubt on that," he said. "I don't think this is the cause of whatever is happening to Skype."
eBay's Villu Arak addressed the issue directly in a Friday blog post, saying that neither hackers nor a recent technology update were to blame.
"Neither Wednesday's planned maintenance of our Web-based payment services nor any form of attack was related to the current sign-on issues in any way," he wrote.
Get the independent advice and expertise you need to support a virtual workforce.
The increase in Linux popularity has increased the frequency and sophistication of malware attacks. Read this 2 page white paper now to learn how you can protect your Linux environment with real-time protection that is certified by all major Linux vendors.
Download now »
Ensuring acceptable application delivery will become even more difficult over the next few years. As a result, IT organizations need to ensure that the approach that they take to resolving the current application delivery challenges can scale to support the emerging challenges. This handbook elaborates on the key tasks associated with planning, optimization, management and control and provides decision criteria to help IT organizations choose appropriate solutions.
Download now »
A common misconception is that mid-range storage requirements are dramatically different than that of a larger enterprise. Mid-range storage users may require less capacity, but they have similar functionality and management requirements. This ESG paper examines mid-range storage needs and reviews a new solution that adjusts size while retaining value, performance and functionality.
Download now »
1 Recommendation
