Hack alert: Hoax or not?

[Merit Coba]

Last week I have seen the same hacker warning being posted in several groups.  People are called upon to spread this message around. This is the text ot the message(I removed the name of the person accused for reasons I will explain below).

" a hacker has been discovered here in sl. he has taken over 63 accounts stealing money and other assets. so be on the lookout for this person. -------------. he is able to over ride security and everything. 

Warning! This is a bad one. Please pass this message out to as many friends and groups as you can. Dont Accept anything from unknown people"

In one version it is said that the FBI and Linden Lab were involved. 

I tend to be sceptic about these messages because some are just hoaxes. Considering that a specific name is given and in one version it is said that the FBI  and Linden Lab were involved this made me curious about the source of these messages. I can not find any confirmation of this actually being true.

Now it seems to me that naming a person means people need to have some solid proof to back up their claims because they can't just go around accusing other people merely on hearsay.  Suppose the person mentioned is totally innocent and just the target of an enemy who uses this way to get back at him or her?  And what are we going to do? Are we going to ban this person merely because someone says he or she is a hacker? I hope not. 

When I asked how the poster knew about this, his answer was that he just posted what was said in another group. He didn't bother to check the source. He figured it was more important  to propagate the warning than to check the truth of the matter. In fact he soon got some people backing him up,  including the sim owner, with arguments like:

1 In SL different laws apply(the law that a person is innocent until proven guilty is suspended)
2 You don't need to check sources.
3 The end justifies the means. 

I post this here not quite knowing what to do with it, but perhaps someone can shed a light on this. Or at least ask people not to spread around messages accusing persons without some proof. 

 BTW: the person being accused of being a  hacker is an existing account. This is one of the reasons I am posting this here. 

 

 

 

 

 

 

 

[Fenimore Hapmouche]

---

Merit Coba wrote:(...)

Now it seems to me that naming a person means people need to have some solid proof to back up their claims because they can't just go around accusing other people merely on hearsay.

(...)

Hahaha! Rrrrright.

Ignore the drama messages, but always remain vigilant and exercise common sense.

[Ohjiro Watanabe]

It is just spam. I have seen a few of these over the years. They are always urgent, send to everyone on your friends list blah blah blah. No link to any kind of credible reference.

The correct thing to do if you directly find out someone is violating TOS is to send an AR to Linden Lab with all the details, they are fast to act on these kinds of reports.

The purpose of posting alarming reports to public groups is just to wind people up, so don't become a part of it.

[Merit Coba]

Good point... I read the tos on it and I think this is clearly a case of :

 

You will not post or transmit prohibited Content, including any Content that is illegal, harassing or violates any person's rights.

Post, display, or transmit Content that is harmful, threatening or harassing, defamatory, libelous, false, inaccurate, misleading, or invades another person's privacy;

[Ren Toxx]

---

Merit Coba wrote: [...]

1 In SL different laws apply (the law that a person is innocent until proven guilty is suspended).

2 You don't need to check sources.

3 The end justifies the means.[...]

---

 I doubt they’d use those exact words... few except the most hardened cynics want to sound *quite* like that. Otherwise, yeah, those are three of the many unwritten rules of SL... come to think of it, of RL too, but it kinda rings even truer in here, I guess due to the fairly popular “nothing matters much in SL” attitude of so many residents.

 

However, much of the spread of this (and other) warnings aren’t *completely* because of that “not a big deal” mentality; there’s also a fair deal of the mindless, Facebook-like attitude of “passing chains” without barely a second thought... you know, the typical “there’s a lot of children dying of this or that... publish this in your feed, if you don’t it means you’re so cruel you want children to die!!”. Many people barely dedicate enough thinking to it to rebel against the blatant stupidity of it, they just pass them and move on to the next inane thing. In here, in the case of these “warnings”, many just don’t pause enough to think about what you said: that these things are an accusation without proof or, for that matter, source-checking, and that they could potentially affect an innocent resident; it’s not that those who pass these “SL warning chains / hoaxes” don’t care about that... it’s more that they don’t actually make the mental effort to realize it in the first place.

 

In other words: welcome to SL. There isn’t that much you can do about it... you can post about it here, and you can argue these things in the groups where the warnings are issued; and one or two residents might realize you’re right and refrain from passing it on; then again, five or six others that did pass it on will be offended on the basis of the “good samaritan / conscious citizen that got chastised by a contrarian (that’d be you) when they just had the well being of everyone in mind”.

And you’ll have a very hard time snapping them out of it :smileywink:

[LlazarusLlong]

Lots of people in SL believe there is an unwritten rule (probably because they are semi-literate themselves) which states that you should not be mean to idiots with good intentions.

But then, who else are you going to make fun of?

[Amethyst Jetaime]

I've never known any of these type of alerts to be credible.  Mostly they are based on false rumors or misunderstandings.  People can't hack your account.  They can only gain access if you give your password out, use one that is easy to guess, click links that lead to phishing sites or sites that download malware like a key logger to your computer or grant access to allow a script to take your Lindens.  In other words, if a persons account is compromised, then they have done something to allow it.

Don't re-post this drama.  The person that started it should AR the person if they have any proof, not spread rumors  Chances are they have no proof, just a grudge.

[Sassy Romano]

A question to anyone with an in with an in depth knowledge of the login process...

 

Is the password hash salted or sent as is from the hard disk.

 

Reason I ask this is whether there's an opportunity to capture an unsalted hash and replay that to hijack credentials without the user having installed malware or knowingly given up anything intentionally.

 

In general I agree with you Amethyst but I'm sure there are other opportunities for well crafted hacks but not as described in the OP.

 

 

[LlazarusLlong]

Which login process?

There are multiple login entry points to different LL web properties and several independent copies of the validation database.

But LL, unsurprisingly, doesn't like you talking about their egregious security weaknesses in public.

[Sassy Romano]

I'm referring to the password hashes for the viewer login rather than any of the open id web logins.