Watch Out: Old Trojan Spreading as a Photo Attachment on ICQ

With the advent of instant messaging software like Skype and Yahoo Messenger, older clients like ICQ eventually faded into the background. So if some people are still using ICQ to chat with acquaintances or newfound friends, then they'd have to face the wrath of some cyber bullies who are spreading trojans using the instant messaging service.

Softpedia reports having received a message, written in Russian, while being online on ICQ. After a bit of analysis, they discovered that the picture it was pushing was actually a malicious screensaver embedded with an old Trojan.

The message links to Russian website called megaupload.ipbux.ru, which has been designed to look like an image hosting service.

Hi, I cannot remember where I got your ICQ. Maybe you remember me? or photos you recognize me? Here is the link as bitly.com/[redacted] will then write to me, I throw off another link.

-- Scam ICQ message

The site, however, contains shady ads and links that don't work when clicked. The .ZIP file containing the purported "picture" actually contains a screensaver file that hides a Trojan that has been identified by ESET as Win32/VB.qnb.

This discovery was interesting in the sense that the ICQ account Softpedia was using was relatively new, which means that the scammers and spammers were simply entering random numbers to spread their malware.

Protect your machine from any attacks and malware by installing an anti-virus program and by keeping it up to date.