
One more ICQ post - some recommendations...



I am getting more and more contacts - both through the blog and privately - from people who have had their ICQ numbers stolen from them. Because of this, I felt it was important for me to make a few strong recommendations to anyone who has had their ICQ number stolen or otherwise compromised - even if you aren't sure.

First, if you suddenly can't log into ICQ anymore - and you know you haven't changed your password - then in all likelihood your ICQ number has been stolen. Russian ICQ hackers seem to covet low ICQ numbers - 8 digits or less, the lower the number the more it is wanted - as some sort of status symbol on ICQ. So, if you have a lower number, then you are almost assuredly going to be targeted. If you can't log into ICQ anymore, then the following recommendations are for you as well - even if you're not sure your number has been stolen or not.

Recommendation 1: Register a complaint with ICQ support, but don't expect any help
As has been proven numerous times, the people who run ICQ (namely AOL) don't care about their legitimate customers on their network. They have a Terms of Service agreement that specifically states it is illegal to hack/steal accounts:

You further agree not to use the ICQ software nor any other software or application to attempt to override the ICQ privacy and security features or any other operation rule of the ICQ Services and Information including without limitation for spoofing, sniffing, eavesdropping, imposturing or spamming other users, breaking passwords, harassment, fraud, forgery, electronic trespassing, tampering, hacking, nuking, system contamination including without limitation use of viruses, worms and Trojan horses causing unauthorized damaging or harmful access and/or retrieval of information and data.


But here's the rub - they have this Terms of Service agreement telling you all the things you're not supposed to do on their network, but if someone does break the ToS they basically tell you that you're on your own:

ICQ Inc. has no practical ability to restrict all conduct, communications or content which might violate this Policy prior to its transmission on or through the ICQ Services and Information, nor can ICQ Inc. ensure prompt removal of any such communications or content after transmission or posting. Accordingly, ICQ Inc. does not assume liability to users or others for any failure to enforce the terms of this Policy.


There is no place in the ToS where they say that they reserve the right to kick people off or anything. Their ToS is simply to state what isn't supposed to be done, and that if it is done and you're a victim, tough shit - ICQ isn't responsible.

However, I think that it would still be a good idea to register a complaint with ICQ to let them know your account has been compromised. Why? It is an electronic "paper trail" to prove you notified them and they did absolutely nothing. This is good to have, because I hope that someone in the media picks up on this and raises a stink - and if they Google and find you, you want to be able to say "yes I told them, and they did nothing - see?"

Recommendation 2: Notify everyone on your contact list that your ICQ number has been compromised
There are innumerable cases of the following scenario:

ICQ user suddenly isn't able to log into his account. He contacts ICQ, they tell him to use the password recovery, it doesn't work. He assumes something messed up on his end, or at ICQ, but never suspects his account has been compromised. He moves on, and does nothing.
While he is trying to figure out what has happened to his ICQ account, the hacker asshole that stole his account is contacting everyone on his contact list claiming to be the original ICQ number owner, and he sends the unsuspecting contact a file with a message like "You'll love this!" or something to that effect. Since the contact believes the other person to be her friend, she runs the file - and it installs a trojan/backdoor on her system, exposing tons of personal information to the hacker asshole. Suddenly credit card charges start rolling in, identity theft issues arise, and the contact has no idea how her personal information was discovered.

To avoid this nightmare scenario for you and your contacts I STRONGLY encourage you to contact each one of them (hopefully you have a list somewhere) and let them know that your ICQ number has been compromised, and that if they are contacted by someone claiming to be "you" on that number that it is NOT you. Make sure you notify everyone you know that a) you are no longer on ICQ and anyone who contacts you from there is NOT you; and b) that you strongly recommend they get off of ICQ as well.

Recommendation 3: Tell everyone you know that ICQ is not a safe place, and should be avoided
Basically, ICQ is now a free-for-all, lawless network run by script kiddies and hacker-wannabes. There is no value left in ICQ over any other network, and I would submit there is much less value there than in others because the risk to your online security is too great. Also, if you or anyone else does decide to leave ICQ, make sure you actually delete all of your contacts and terminate your account - this is the only way to ensure your personal information and contact list will not fall into the hands of undesirables.

Good luck.

Rock
**You don't stop laughing because you grow old, you grow old because you stop laughing.

Comments

1 - Well, I'm confused. Is there something special about ICQ that prevents you from using the Alt key and keypad to type high-bit characters like δ∞φε∩≡??

In your chat with the Russian jerk, he mentioned ICQ-Brute, which appears to be a well-known password cracker on Google, at least. A search for "ICQ Sniffer" also returns many hits, but they'd have to be on your LAN to use anything like that. I'm curious how you've determined that they're doing that?

Lastly, and I'm asking out of ignorance since I never found anything at Slashdot that held my interest for long, what's intimidating about Slashdot?

2 - ICQ is facilitating internet abuse - knowingly. They really do have to be shamed into responsible corporate behaviour by some heavy weights here in electronic land.

Hosting this is not what I call responsible of them either; http://www.icq.com/boards/browse_folder.php?col=6&sort=1&tid=7677&page=3)

It assaults every other responsible internet citizen, working to stomp out the crap. The big players are the ones who should be setting an example. Shame on ICQ - AOL

Here's a laugh Rock, look up this icq account: 153879
I made some modifications to the hijacker's details. The account was mine until this weasel hijacked it and I found out a few days ago. I left a message for ICQ wondering if that will make them delete it.... apparently not.

3 - I'm fairly appalled by ICQ's attitude towards this problem.

Have you thought about submitting an article about this experience on Slashdot? That would certainly get ICQ's attention.

It seems like the only way to make companies repentant these days is by generating huge amounts of negative publicity. A good example is Sony Music, who have only now and very reluctantly admitted that they made a mistake with their DRM/Rootkit solution. The lack of respect that these companies have towards their customers astounds me!

4 - I am terribly disappointed with ICQ. I was threatened in a chatroom and tried to report it to no avail. Kept going from one thing to another. Oh well, I guess you just have to stay out of ICQ.


6 - Scott - I know you responded again, but for some reason I can't get Blogsphere to display your entry. I'll try to figure it out and get it to show up...

Rock

7 - Just an update.... Asking ICQ to delete the account had zero result. I was actually instructed that it's not possible! Hello.... After sending a note to the hijacker's contacts (he was quite the Romeo too) and letting it sit for a week, I filled every line with the shame message for ICQ. Method in my madness: make the shame return in broad search results. It worked! Within a week ICQ suddenly sent me an email to verify removal!! I didn't verify removal since I regained control of the account. It now sits there empty.... an ongoing exercise since I had to go to a lot of trouble, to see how long it takes...

8 - I've submitted an ICQ complaint, but heard absolutely sod all! To be honest, I hadn't used ICQ for ages and rather use other IM clients, but that's not the point. The ICQ account was mine, set up by me for my use, kind of like someone stealing your email address or mobile phone number. Pesky Hackers, round them up and shoot them! (maybe that's a bit strong!)

9 - Since the hackers appear to be using brute force password attacks, wouldn't it also be a good idea to change your password to the most secure one you can remember?

10 - @Scott - you can do that, but they are also snooping the packets, and have figured out how to get the PW from the packets. The only thing that seems to slow them down (and the method they use to protect themselves from each other) is to use characters that can't be typed from the keyboard - upper ASCII characters. From what I understand, the way the PW is sent from clients to ICQ is not secure.

@Tim - I want to get more publicity on this, but to be honest I am a bit intimidated by Slashdot. I may try to find a print journalist to pick up the ball and run with it.

Any takers?

Rock

11 - Thanks for the info, Anna. See, it is as I thought - ICQ is completely insecure, and is now a place for spammers, hackers, and script kiddies.

Thanks again.

Rock

Meet Rocky

Rocky Oliver