Trojan Horses: How Can I Get Infected?
by Dancho Danchev, the author of "The Complete Windows Trojans Paper".
Via ICQ
People don't understand that they can also get infected while chatting via ICQ or any other instant messenger application. Receiving files is always risky, no matter who they come from and no matter where they come from.
Believe it or not, there are still people out there using really old versions of ICQ, and it's all because those versions let them see the IP address of the person they're talking to. The older versions of ICQ had this functionality, and it was useful to anyone capable of using winnuke and other DoS tools, but really, how hard is it to click with the mouse? These people are often potential victims of someone who is more knowledgeable about Windows trojans and takes advantage of their old ICQ versions.
Let's review various ways of getting infected via ICQ:
- You can never be 100% sure who's on the other side of the connection at any particular moment. It could be someone who hacked your friend's ICQ UIN (Unique Identification Number) and wants to spread some trojans to his or her friends. You'll definitely trust your best dude Bob if he offers you something interesting, but is it really Bob on the other side?
- Old versions of ICQ had bugs in the WebServer feature, which creates a site on your computer with your info from the ICQ database. The bug gives the attacker access to EVERY file on your machine, and if you read the previous sections carefully and know the auto-start methods, you'll probably realise what could happen if someone has access to your win.ini or another system file: a trojan installed in a few minutes.
- Trojan.exe is renamed to something like Trojan....(150 spaces).txt.exe and its icon is changed to that of a real .txt file; this will definitely get you infected. This bug must be fixed in the newer versions for sure.
No matter which instant messenger application you're using, you could always get infected through some program bug you never had the chance to hear about, because you never took care to check for newer versions of the application. And when it comes to receiving files, no matter from where and no matter from whom, take it very seriously and realise the dangers of your naivety.
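A defender-side check for the renamed-file trick in the last list item, written as an added example that is not part of the original article: it flags a received file name whose final extension is executable but which hides it behind a run of spaces or a harmless-looking inner extension. The extension lists, the five-space threshold, and the names `inspect_filename` and `scan` are assumptions made for illustration.

```python
import re

# Final extensions that Windows runs directly (assumed, non-exhaustive list).
EXECUTABLE_EXTS = {"exe", "com", "scr", "pif", "bat", "cmd", "vbs", "js", "lnk"}
# Inner extensions a user reads as harmless data (assumed list).
DECOY_EXTS = {"txt", "doc", "pdf", "jpg", "gif", "mp3", "zip"}
# Five or more consecutive whitespace characters (assumed threshold).
# For str patterns \s also matches Unicode spaces such as U+00A0.
PAD_RUN = re.compile(r"\s{5,}")


def inspect_filename(name):
    """Return the reasons a received file name looks disguised (empty if none)."""
    base = re.split(r"[\\/]", name)[-1]        # drop any directory part
    stem, dot, last = base.rpartition(".")     # 'last' is the real extension
    if not dot or last.strip().lower() not in EXECUTABLE_EXTS:
        return []                              # not executable: out of scope here
    reasons = []
    if PAD_RUN.search(stem):
        reasons.append("whitespace-padding")   # real extension pushed out of view
    inner = [part.strip().lower() for part in stem.split(".")[1:]]
    if any(part in DECOY_EXTS for part in inner):
        reasons.append("decoy-extension")      # e.g. the '.txt' in name.txt.exe
    return reasons


def scan(names):
    """Map each suspicious name to its reasons; clean names are omitted."""
    findings = {}
    for name in names:
        reasons = inspect_filename(name)
        if reasons:
            findings[name] = reasons
    return findings


# Constructed sample names, not taken from any real incident.
SAMPLES = [
    "Trojan" + " " * 150 + ".txt.exe",  # the pattern described in the list above
    "holiday.jpg.scr",
    "notes.txt",
    "setup.exe",
]

if __name__ == "__main__":
    for name, reasons in scan(SAMPLES).items():
        print(f"{name[:12]!r}... ({len(name)} chars): {', '.join(reasons)}")
```

A plain `setup.exe` is not flagged because this check only looks for disguise; whether to accept executables at all is a separate policy decision.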