Hackers: Second Life open to virtual currency theft

Tech News

By Stevie Smith Dec 3, 2007, 12:14 GMT

Two diligent security researchers have this week stepped forward to warn users of online virtual world Second Life that their avatar creations could be open to monetary theft at the hands of nefarious online hackers looking to rob them of the mighty Linden Dollar. Security researchers warn against possible wave of virtual currency theft in Second Life. Credit: Second Life/Linden Lab

Security researchers warn against possible wave of virtual currency theft in Second Life. Credit: Second Life/Linden Lab The San Jose Mercury News reports that experienced hacker community members Charles Miller and Dino Zovi have discovered a potential exploit in Second Life that allows hackers to sidestep security aspects placed to prevent users from being separated from their redeemable in-world funds. The vulnerability has since been confirmed by San Francisco-based Linden Lab and, while the exploit could see users losing their Linden and U.S. dollars if left unchecked, it is believed that Second Life’s creators will be able to quickly address the flaw by issuing a patch fix.According to Miller and Zovi, the problem was uncovered by using a recently revealed flaw connected directly to Apple’s QuickTime media player, which is used inside the virtual confines of Second Life. The QuickTime flaw in question was put under the spotlight by Miller and Zovi early last week, which subsequently led to the pair engineering a workable hack only a few days later."While we have no evidence that this vulnerability has been used to date within Second Life, we of course want to make sure our residents are aware of the facts, and give them guidance on how they can protect themselves," offered Linden Lab in an official statement posted on Friday through its Second Life blog site.The hack appears to work much like a virtual mugging, directing in-world QuickTime users to a malicious Web site via infected items placed by hackers, which then proceed to take control of the victim’s avatar and force them to hand over their Second Life funds.A video demonstration presented by Miller shows an unwitting in-world avatar passing near a hacker’s avatar, at which point an on-screen message states that 12 Linden Dollars have passed into the possession of the hacker’s avatar creation. The hack is thought to be effective up to a range of 100 virtual metres."We take security very seriously," outlined Apple spokeswoman Lynn Fox in reaction to the QuickTime exploit. "We have a great track record of addressing vulnerabilities before they can affect users and we are looking into this."Second Life has said that it may offer reimbursements to any in-world members who have fallen foul of this latest theft-based hack attack.

View blog reactions

If you liked this story please support M&C and Buzz the site on Yahoo.

Latest Headlines in Tech

Talkback

There are currently no comments for this article. Be the first to comment! (no registration required)

Latest from M&C Blogs

Debate: did McCain do enough? - Global Eye on September 29, 2008 6:46 AM | Permalink | Comments (19) | TrackBacks (1)

Should Sen. John McCain's health records be made public? - Global Eye on September 15, 2008 8:39 AM | Permalink | Comments (49) | TrackBacks (0)

Propaganda and the campaign for president - Global Eye on September 9, 2008 7:12 AM | Permalink | Comments (10) | TrackBacks (0)

London Film Festival - Dean Spanley - London Calling on October 6, 2008 9:38 AM | Permalink | Comments (0) | TrackBacks (0)

Raindance Film Festival: Gardens Of The Night - London Calling on October 6, 2008 9:21 AM | Permalink | Comments (4) | TrackBacks (0)

London Film Festival - IL DIVO Review - London Calling on October 1, 2008 3:46 PM | Permalink | Comments (0) | TrackBacks (0)

Bugatti Veyron 16.4 Grand Sport - The World in Pictures on October 2, 2008 4:15 PM | Permalink | Comments (0) | TrackBacks (0)

Devotee to Chinese Shrine of Sapam has face pierced - The World in Pictures on October 2, 2008 4:13 PM | Permalink | Comments (0) | TrackBacks (0)

Indian Muslims offer prayers on the occasion of Eid-al-Fitr - The World in Pictures on October 2, 2008 4:11 PM | Permalink | Comments (1) | TrackBacks (0)

Tech

Hackers: Second Life open to virtual currency theft

Tech News

Latest Headlines in Tech

Talkback

Latest from M&C Blogs

Similar articles

In Monsters and Critics

Corporate

The Fine Print