Account hacking - why third party viewers are the problem

[Aveline Stein]

4 times in a row makes it almost appear like a targetted attack. Perhaps someone is accessing your computer physically.

Could be a jealous or angry neighbor or someone living nearby knowing about your Secondlife activies and that there is money involved, or even ones own teenage kids. Not a nice thought but often more plausible than malicious crackers targetting your *specific* computer, or TPV devs being out to get you.

edit:
Firestorm is a pretty large project with 20+ or so developers, a support staff of 40 and over hundred closed-beta testers of varying knowledge degree. I am quite confident that anything malicious would turn up rather quickly.

[Eileen Fellstein]

Beo, if you read my responses, then you know I didn't totally discount  your claim though I did express it is unlikely and pointed out that from what you have presented, it isn't enough to rule out other possibilities. reading through the thread, I think the bridge/lsl thing has been beat to death. I'm not a coder but several here are. Though none have taken the time to disect it in the thread, I don't have the time or desire to learn coding well enough to be helpful with that  so I'll take their word for it

Just curious if you have tried completely changing your email at any time during all this. Reason I ask is a while back I had my wow account hacked repeatedly and I didn't know what was doing it. Come to find out, it was the email associated with that account. Once I discovered what they'd done, I changed emails and and all email associations/passwords connected to the original and have not had a problem since. Yep. was a major pain to do. It took the better part of a day and even several phone calls to verify I was the right person, but it fixed the problem. Thankfully whoever it was seemed to have only been after some quick wow gold and didn't bother with anything else or I'd have had them in my SL as well along with a few other things.

I determined that hack was probably done with no scripts at all as the email service involved has a serious flaw in it's password retrieval/change system. (the security questions are too easy) and there's also a place that is not real evident right off the bat, takes some clicking around to find where one can set up an emergency email that overides everything. That means every change in the account gets sent directly to the hacker if they got their email in there before you had a chance to set it.