Truth About Computer Security Hysteria

ICQ Trojan/virus

A hysterical user invoked the "ICQ virus" buzzphrase years ago, creating a never-ending wave of alerts for people who use the popular software from Mirabilis.

Let's suppose you receive an ICQ message saying "please wait, virus loading..." Would you automatically believe it? Would you reflexively scan your computer for viruses? Would you compulsively send a virus warning to every ICQ user you know? A clever hoaxster might try to con you into believing your computer received a virus — just to watch you run around like a chicken with its head chopped off.

Some points to ponder:

1. Some ICQ users warn you to avoid specific UINs of "dangerous individuals." Who maintains the master list of evil UINs? Why doesn't antivirus software watch out for evil UINs? (Hint: these are trick questions. ICQ lets users change UINs, meaning you'll eventually memorize tens of thousands of UINs no longer in use.)
2. Suppose you choose to delete a binary file attachment sent by an unknown ICQ user. Does this mean you deleted an actual malicious file? Or does it simply mean you deleted a file as a precaution?
3. Your computer cannot [yet] get infected simply by using ICQ — with one important caveat. The Stages worm can spread via ICQ (and other programs) by exploiting a flaw in Microsoft Windows itself. Microsoft released a patch to correct the flaw.

Last updated: 2000/9/19