I'm not exactly sure what the exploit does. What I can tell you, is that people send direct links towards certain ips, or links hidden inside % google codes. I was able to trace at least one of these links, redirected to a site wich ownership appears to be "private person protection", in Russia.

What this does is briefly connecting to certain sites, like gieldoweb.info and similiar others, then giving off a normal google search result on your browser. Per se, it appears harmless, it looks like someone is collecting ips using this method. If I ever get the patience to, i'll sandbox my own skype, infect it, and monitor exactly what skype is trasmitting back to the site using a network sniffer.
I'm not exactly sure how this method can be used to sniff out skype's password. If just sending a link is enought to cause skype to give away the password or any other info needed to send messages using that skype account, microsoft must have left a really huge exploit inside skype and now some russian hacker is having fun with it...

If one of you is infected send me the infected link you clicked. I need to figure out if the guys are only using one site or several ones. Makes the difference in understanding how pro this exploitation is.

For the meantime, not clicking on links sent trough skype is the only effective protection. Guys, if some of you is hack-sawwy, contact me, we'll try to figure out what these people are doing. I'm a dumbass myself but maybe some of you is good at this.

Also. Microsoft, learn to patch your goddamn gaps. This is bad enought to cause people to leave the service in mass -.-