ICQ Bug Worsens With New Tool
Progenic Security has released a new tool which takes advantage of a bug in the ICQ file transfer protocol, posing a serious security risk to millions of ICQ users. A well-known flaw in the way ICQ displays incoming file transfers allows a user to hide a file extension by adding numerous spaces in the filename. However, with a new tool released today, a user may physically fool ICQ into displaying a different filename completely. Thus, you can send somebody what looks like a text file, but instead is an executable. Progenic hopes this announcement will spur AOL into upping the security of its chat client, and has refused to post details on how this exploit can be taken even further to cause more damage. For more information and to download the tool, visit Progenic.com.