From: Bill Stewart <bill.stewart@pobox.com>
To: Bachrach <cypherpunks@toad.com
Message Hash: dd1e701bdae33366c7f62dabb7c3623b680e1ab9de950d768d851785600b1d5b
Message ID: <3.0.5.32.19980611174656.008163d0@popd.ix.netcom.com>
Reply To: <199806102100.XAA27780@basement.replay.com>
UTC Datetime: 1998-06-12 04:28:56 UTC
Raw Date: Thu, 11 Jun 1998 21:28:56 -0700 (PDT)
From: Bill Stewart <bill.stewart@pobox.com>
Date: Thu, 11 Jun 1998 21:28:56 -0700 (PDT)
To: Bachrach <cypherpunks@toad.com
Subject: FWD: backdoor trojan in ICKill
In-Reply-To: <199806102100.XAA27780@basement.replay.com>
Message-ID: <3.0.5.32.19980611174656.008163d0@popd.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain
At 11:00 PM 6/10/98 +0200, a remailer user forwarded
a message From: Bachrach <bachrach@netreach.net>
about a major security backdoor in ICKill, a utility that
apparently augments or hangs around ICQ - it's a little-documented
feature designed into the system rather than a bug or unexpected behaviour.
More information is at
> http://members.tripod.com/~hakz/ICQ/index.html
...
>My last question is this: if one person has backdoors into thousands of
>computer systems, doesn't that pose some sort of risk to the interent
>community as a whole? There's one person who's been saying that I should
>notify the FBI about this. As you can see decided to start here first.
Don't tell the FBI - they'll just want to use it themselves. :-!
Is there some way to locate and reach ICKill users directly?
Do they show up on ICQ in some useful manner?
(I don't use either of the products....) Directly notifying them
could help the problem, or at least generate a number of
emails to the author who put the feature in there.
Thanks!
Bill
Bill Stewart, bill.stewart@pobox.com
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
Return to June 1998
Return to “nobody@REPLAY.COM (Anonymous)”