Clarification concerning the ICQ 7 security issue

Since ICQ seems to spread inaccurate information about the security issue in ICQ7’s update process, I think I need to clarify:

It is not necessary to successfully attack the user’s machine or his ISP’s network first to use my exploit.

Long version:

Imagine a public hotspot at your favorite café. You have ICQ 7 installed on the laptop that you carry with you to get some work done. You start up your machine and connect to the wireless network.

What you don’t know is that there’s already someone on the café’s hotspot network who wants to harm you or other users of ICQ. He runs the attack code and a simple program to spoof the address of ICQ’s update server on his laptop or even on his mobile phone. The spoofing will affect all clients on the hotspot network, so after your ICQ client starts up, it automatically downloads the malicious update that the attacker wants to run on your computer. Damage done…

I hope this makes it clear why the “theoretical” issue in fact is an issue for people using their computer on networks that are not entirely under their control.
