A few weeks ago we reported on a massive ICQ hack baffling security experts. Some theories have now emerged according to The Register:
Reg readers have weighed with sundry theories. We'll kick off proceedings with the ones we were immediately able to discount - but which nonetheless illustrate script kiddie tricks of which users should be wary:
- Spoof goes your ICQ account
- Cock-up not conspiracy
- It's all Microsoft's fault
- War scripting
- ICQ accounts sent to deathrow
So who's the culprit?
We're far from sure on this one but a discussion on the forum 8thwonder-net contains a boast from a cracker called de@throw that he/she was behind the hack. This may, or may not be true - no proof was given and the page in question has since been pulled.
Whatever the methods used in ICQ cracking, it's certainly a common problem. Users with hacked accounts are often asked to re-register, but we think this is not good enough.
With newer versions of ICQ your contact list gets stored on its server and can be retrieved at any computer with ICQ and the correct password. So if the accounts have been cracked, somebody could harvest this potentially sensitive information.
Since ICQ is widely used (with 122 million users according to ICQ Inc, an AOL Time Warner-owned subsidiary) the existence of numerous cracking utilities is something which needs to be guarded against.
Which one of the theories is most likely for the massive hack? Well 'Blame Microsoft' will probably be very popular
Read more on The Register to see what the different theories mean in detail.
Source: The Register
