ADVERTISEMENT

SUPEREGO

Watch Out: Old Trojan Spreading as a Photo Attachment on ICQ

Gallery Icon

bill-swift - June 29, 2012

With the advent of instant messaging software like Skype and Yahoo Messenger, older clients like ICQ eventually faded into the background. So if some people are still using ICQ to chat with acquaintances or newfound friends, then they'd have to face the wrath of some cyber bullies who are spreading trojans using the instant messaging service.

Softpedia reports having received a message, written in Russian, while being online on ICQ. After a bit of analysis, they discovered that the picture it was pushing was actually a malicious screensaver embedded with an old Trojan.

The message links to Russian website called megaupload.ipbux.ru, which has been designed to look like an image hosting service.

Hi, I cannot remember where I got your ICQ. Maybe you remember me? or photos you recognize me? Here is the link as bitly.com/[redacted] will then write to me, I throw off another link.

-- Scam ICQ message

The site, however, contains shady ads and links that don't work when clicked. The .ZIP file containing the purported "picture" actually contains a screensaver file that hides a Trojan that has been identified by ESET as Win32/VB.qnb.

This discovery was interesting in the sense that the ICQ account Softpedia was using was relatively new, which means that the scammers and spammers were simply entering random numbers to spread their malware.

Protect your machine from any attacks and malware by installing an anti-virus program and by keeping it up to date.

Tagged in: gear ,



Comments
Disclaimer: All rights reserved for writing and editorial content. No rights or credit claimed for any images featured on egotastic.com unless stated. If you own rights to any of the images because YOU ARE THE PHOTOGRAPHER and do not wish them to appear here, please contact us info(@)egotastic.com and they will be promptly removed. If you are a representative of the photographer, provide signed documentation in your query that you are acting on that individual's legal copyright holder status.



>