Jump to content

Account hacking - why third party viewers are the problem

Beowulf Silverfall
 Share
You are about to reply to a thread that has been inactive for 4389 days.

Please take a moment to consider if this thread is worth bumping.

Recommended Posts

Beowulf Silverfall

Beowulf Silverfall

Posted
Posted

I have an account that has been hacked for the 4th time within 2 months, thank god I took everything off after the second time and got reemboursed for all the real money they tried to steal. Thank you Linden Labs for that. Lindens did react quickly the first time and a bit amazed the second time.

I was initially using a third party viewer, Firestorm, but I was not anymore since the first time I got hacked.  Then I got hacked again and again, till someone pointed out one thing to me, even though I was using the official Second Life viewer 2, I didn't delete the bridges that the third party viewers create on SL on your account in your inventory.

The bridges is the way used by the bastards, that utilize the third party viewers to hack accounts. I am now using a BRIDGE FREE account, which I created after the third hack attempt, but have left them on the old account, just to see if it would happen again, despite Linden Labs assurances that it wouldn't.

Well boys and girls, it happened again not later than 4 hours ago. They hacked the old account again, so now I have the proof needed to point out that the third party viewers are a security issue. Everybody should use the second life viewer and delete all the bridges they can find in their inventory. Also, we should try to make Linden Labs aware of this issue, they seem to think that they have checked ALL the code for the Phoenix and Firestorm, but the backdoors are still there, nothing has changed since Emerald as it's still based on the same code.

 

Link to comment
Share on other sites
  • Replies 51
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Marigold Devin

Marigold Devin

Posted
Posted

No

no

no

no

no

no

not this again. Third party viewers are evil.

No.

The majority of people using a third party viewer have never been hacked or had their account compromised in any way at all.  I am one of those people. 

You have no solid proof, and I would say your computer's security software needs greatly updating.  I get warnings sometimes, even when I click open one of these threads on the forum, and it's still within Second Life's domain. Therefore, I believe TPVs are no more likely for hacking than the official Second Life routes.

Phoenix is not Emerald. Do not tar all with the same brush. (Well you can if you so wish - but I believe you are being very unfair and unjust and the hacking problem lies within your own system and dealings.)

Link to comment
Share on other sites
Eileen Fellstein

Eileen Fellstein

Posted
Posted

I'm not sure how LL would be unaware after being so hands on with you through 4 hacks.

Seems like a pretty serious allegation. I'm not sure that what you've described is enough to rule out other possibilities. I'm no coder. Sounds like you need an expert to confirm the actual parts of the code in question?

Link to comment
Share on other sites
Claireschen Hesten

Claireschen Hesten

Posted
Posted

i wouldn't go around taring all TPV's with the same brush you are just as likely to get hacked using the official LL viewer as you are any TPV how certain can you be that it was down to the bridge every time thats used in phoenix and firestorm viewers as far as i know the bridge is there to help with certain viewer functions and nothing else i doubt since the emerald scandle the devs would put malicious code in their new viewers. if you've ever downloaded a TPV or LL viewer from anywhere other that the official viewer site you leave yourself open to all sorts of malicious code and viruses from people who have used a particular viewers source code to make their own viewer. if you didn't change your password after the first hacking i can see why you got hacked further times

Link to comment
Share on other sites
Innula Zenovka

Innula Zenovka

Posted
Posted

If you think, as you say, you have "the proof needed," why aren't you giving it to Oz Linden, who is far better placed to deal with such matters than are we?

Personally, I can't think how on earth a scripted object that's in your inventory can do anything at all, and neither do I quite understand how the full perms lsl script that's inside the bridge can do anything suspicious even when you're wearing the bridge.

While I don't use Firestorm that often (I prefer Catznip and Niran's) I've got a copy and I've just taken a look at the script the bridge contains.   Can you direct me to the section of code there you suspect is causing mischief?

On the subject of code, by the way, I'm open to correction here, but I always thought Emerald was based on Snowglobe and that the latest Firestorm is based on V3.something.   In what way do you say Firestorm and Emerald are based on "the same code"?   

Link to comment
Share on other sites
Eileen Fellstein

Eileen Fellstein

Posted
Posted

I've been on FS since it's release and had no such issues. But I have always been curious as to what the bridge actually does and why it would be necessary to have one. So yea, maybe that makes some people nervous.

Probably should start with the actual info from thier site about what it is and what it does. From thie wiki, if you click on the link for the firestorm bridge, it takes you to the page for the pheonix one, so..same thing essentially? anyhow, it's here..

http://wiki.phoenixviewer.com/fs_bridge

Looking over it's listed functions, those are things I never really use, so I would be just fine most of the time to just delete the bridges if I was suspicious of them. I prefer to move about naturally rather than click TPing and generally don't concern myself wth things like who is flying around beyond my draw distance.

But anyway, helpful stuff but not crucial to your viewer functioning *shrug

I guess the next question would be is there any way this claim could be accurate? Where is the bridge gathering data and is that line of communication vulnerable to hacks? AND even if it were, would hacking an object in someone's inventory grant access to account details?..including accout password?

Sounds rather unlikely.

Link to comment
Share on other sites
Tari Landar

Tari Landar

Posted
Posted

Umm, what you say, isn't possible, at all. The bridge script cannot hack your system(and that's a pretty strong allegation to make too, not a wise move since it's not something you can possibly prove but rather an assumption)

You're darn lucky it's only your SL account that's been hacked, thus far. Or rather, more likely, you haven't noticed what else that hacker has been able to retrieve from your system. Because it's your system at fault. Though you could have a rather smart hacker who knows you have financial ties to rreal world accounts via sl, and is taking advantage of that.

A one time account hack is typically because someone, luckily(though unluckily for the owner) guessed the password of an account. A repeated offense however tells me there is something going on with the system. It's quite clear you are doing something, or not doing something, that is making your system susceptible to hackers. I suggest you find someone who knows what they are doing to take a look at it before you lose more than just SL info.

 

Link to comment
Share on other sites
Chronometria

Chronometria

Posted
Posted

A firestorm user reported that a new bridge was being made each time they entered a new sim. It was only happening to them though and not other firestorm users who responded.

 

I dont know what it is, but something is fishy about bridges at the moment, at least for some people.

Link to comment
Share on other sites
Paul Hexem

Paul Hexem

Posted
Posted

Beowulf Silverfall wrote:

I have an account that has been hacked for the 4th time within 2 months, thank god I took everything off after the second time and got reemboursed for all the real money they tried to steal. Thank you Linden Labs for that. Lindens did react quickly the first time and a bit amazed the second time.

I was initially using a third party viewer, Firestorm, but I was not anymore since the first time I got hacked.  Then I got hacked again and again, till someone pointed out one thing to me, even though I was using the official Second Life viewer 2, I didn't delete the bridges that the third party viewers create on SL on your account in your inventory.

The bridges is the way used by the bastards, that utilize the third party viewers to hack accounts. I am now using a BRIDGE FREE account, which I created after the third hack attempt, but have left them on the old account, just to see if it would happen again, despite Linden Labs assurances that it wouldn't.

Well boys and girls, it happened again not later than 4 hours ago. They hacked the old account again, so now I have the proof needed to point out that the third party viewers are a security issue. Everybody should use the second life viewer and delete all the bridges they can find in their inventory. Also, we should try to make Linden Labs aware of this issue, they seem to think that they have checked ALL the code for the Phoenix and Firestorm, but the backdoors are still there, nothing has changed since Emerald as it's still based on the same code.

 

Sounds like you've been clicking on that phishing link that's been going around. That, or you just fail at computers.

Nefertiti Nefarious wrote:

Good grief! I've been using SLfor several years, with TPVs, and not a single hack. Your problem is not the viewer, it';s your whole Internet lifestyle ...

What Operating system are you using?

 

Operating system has nothing to do with it. The questions should be "Are you the kind of ninny that clicks on phishing links, and do you keep an updated antivirus/security program on your machine?"

Link to comment
Share on other sites
Rival Destiny

Rival Destiny

Posted
Posted

This reminds me of the other day when I was on a laptop where I didn't have the sl wiki bookmarked.  I googled to find and clicked on a link when sent me to a page that said Second Life Wikia - up pops a box to enter username and password.  It was early am and I was just about to enter my username when I noticed the 'a' at the end of the wiki.

I closed the page and went to the SL main page and from there to the wiki. 

First time I've come that close to a phising site and can see how someone may inadvertantly log into one.

The page was very authentic looking but I can't seem to locate it now.  Anyway, there seems to be a lot this going round lately.

 

 

Link to comment
Share on other sites
Deej Kasshiki

Deej Kasshiki

Posted
Posted

Ignorant fearmongering and unsupported allegations on the part of the OP. Nothing to see here folks, move along.

 

P.S. If I were the OP I'd be very careful of tossing around unfounded statements such as these. Borders on being legally actionable, if you know what I mean. Oh, and I'm sure that not one single account was ever hacked before LL open sourced the viewer code.  :roll eyes:

 

Link to comment
Share on other sites
Nova Convair

Nova Convair

Posted
Posted

If you get hacked over and over again, remove the keylogger on your system. Better - remove the system and do a clean install.

Of course there a geniuses that download viewers from unknown sources or links in emails ... stupidity leads to punishment here.

Not to mention: incredible simple passwords or 1 password for many services or loosing the email password - allowing the attacker to use password rest functions of services, falling for phishing, etc. etc. etc.

If the only conclusion is: "it is the viewer" then it shows a completely helpless user. Get some help to fix your system, I doubt that you can do it yourself.

Link to comment
Share on other sites
Qie Niangao

Qie Niangao

Posted
Posted

Nova Convair wrote:

Of course there a geniuses that download viewers from unknown sources or links in emails ... stupidity leads to punishment here.

Very good point.

The scariest thing about a thread like this is that it ends up giving folks a false sense of security, as we all chime in to tell the OP how secure we think their particular TPV probably is, because the vulnerability they describe cannot actually exist.

That does not mean that there are no account-stealing TPVs out there to be downloaded.

People have different thresholds for trusting TPVs, but at a bare minimum, never run a viewer that you are not 100% confident you could build yourself from source code.  Viewers that don't supply all source code (or where nobody tests that the supplied source actually produces the identical viewer), those viewers are out to hurt you.  And a running viewer can access plenty enough information to hurt you very badly indeed -- much worse than merely stealing a Second Life account and siphoning off all L$s.

Link to comment
Share on other sites
Deej Kasshiki

Deej Kasshiki

Posted
Posted

Ceka Cianci wrote:

Oo

i guess we can't have cute lil popcorn eating GIF's in the forums anymore..

but flat out naming and shaming  is just A.O.K.

 

 

Good point Ceka. I guess the LL moderators don't care if someone's making provably false and inflammatory statements about TPV devs. Or maybe it's just that no one's RIC'ed this nonsense yet.

Link to comment
Share on other sites
Eileen Fellstein

Eileen Fellstein

Posted
Posted

Chronometria wrote:

A firestorm user reported that a new bridge was being made each time they entered a new sim. It was only happening to them though and not other firestorm users who responded.

 

I dont know what it is, but something is fishy about bridges at the moment, at least for some people.

My guess is they may have been exagerating. If you login to a sim with scripts off, the bridge will not create. It gives onscreen instructions how to create it yourself. Not sure if it would auto create when they moved somewhere without scripts blocked. If it does and they are jumping around sims and relogging/crashing a lot, that would probably explain most of it.

Link to comment
Share on other sites
You are about to reply to a thread that has been inactive for 4389 days.

Please take a moment to consider if this thread is worth bumping.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing
×
×
  • Create New...