Vulnerability Development mailing list archives

ICQ (Was Re: Administrivia #4883)

From: imrang () BTINTERNET COM (Imran Ghory)
Date: Sun, 16 Jan 2000 13:37:14 -0000


On 14 Jan 00, at 17:25, Ken Williams wrote:

i have received reports that ICQ 99* and later surreptitiously snag credit
card data from your HD and send it to Mirabilis, without any notification
or confirmation.  these reports are unsubstantiated - based on the report
sources though, this is worth looking into.


Highly unlikely, as there are much easier ways to get credit card details. Also the market share
of ICQ means Mirabilis is unlikely to take such a risk just for credit cards.

It couls be that there exists a trojan which is responsible, but even then it is unlikely that it
would be able to obtain credit card details, unless it was specifically targeting a certain type of
data in a certain program.(e.g data being encrypted by IE).

Imran Ghory

Current thread:

Re: ICQ Pass Cracker., (continued)
- - - Re: ICQ Pass Cracker. Blue Boar (Jan 26)
    - Re: ICQ Pass Cracker. Usman (Jan 26)
    - Re: ICQ Pass Cracker. Vladimir Dubrovin (Jan 27)
    - Shadow kjkotas (Jan 24)
    - Re: Secure coding in C (was Re: Administrivia #4883) Marc Slemko (Jan 21)
    - Re: Secure coding in C (was Re: Administrivia #4883) Warner Losh (Jan 21)
    - Re: Secure coding in C (was Re: Administrivia #4883) Blue Boar (Jan 15)
    - Re: Secure coding in C (was Re: Administrivia #4883) Brian Kifiak (Jan 16)
- Re: Administrivia #4883 Ken Williams (Jan 14)
  - Re: Administrivia #4883 Blue Boar (Jan 15)
  - ICQ (Was Re: Administrivia #4883) Imran Ghory (Jan 16)