Jump to content

Account Security Breached?

DanielRavenNest Noe
 Share
You are about to reply to a thread that has been inactive for 4783 days.

Please take a moment to consider if this thread is worth bumping.

Recommended Posts

DanielRavenNest Noe

DanielRavenNest Noe

Posted
Posted

A security warning if you own this device:

http://alphavilleherald.com/2011/03/zf-redzone-security-breached-sl-passwords-compromised.html

From the Article:

"A shadowy group of Second Life hactivists claim to have breached the Redzone server’s security, gaining access to the server database and discovering cleartext passwords for most Redzone customer accounts on the site.

As if storing raw Redzone customer passwords is not bad enough, there is apparently a second table that tracks passwords from failed login attempts in the hope users will accidentally enter their Second Life account password. These failed passwords are conveniently displayed on the user profile page of the "Admin Overlord App"  as "Possible SL PW(s)".

In light of these revelations, the Herald strongly suggests that all zf Redzone customers change their Second Life account passwords immediately – and ask themselves why they would continue to run a product that attempts to guess their Second Life password"

Link to comment
Share on other sites
Gordon Wendt

Gordon Wendt

Posted
Posted

Couldn't have happened to a bigger sleazeball. Hopefully now he'll have to deal with his own customers being pissed off at him and not just his critics if the buyers of Redzone are being exposed by this breach.

Remember, revenge is a dish best served vindaloo hot.

Link to comment
Share on other sites
Solar Legion

Solar Legion

Posted
Posted

DanielRavenNest Noe wrote:

A security warning if you own this device:

From the Article:

"A shadowy group of Second Life hactivists claim to have breached the Redzone server’s security, gaining access to the server database and discovering cleartext passwords for most Redzone customer accounts on the site.

As if storing raw Redzone customer passwords is not bad enough, there is apparently a second table that tracks passwords from failed login attempts in the hope users will accidentally enter their Second Life account password. These failed passwords are conveniently displayed on the user profile page of the "Admin Overlord App"  as "Possible SL PW(s)".

In light of these revelations, the Herald strongly suggests that all zf Redzone customers change their Second Life account passwords immediately – and ask themselves why they would continue to run a product that attempts to guess their Second Life password"

Considering that the Herald is well known as being little more than a tabloid rag and not known for using any actual fact checking methods .... The information and video is suspect.

Go ahead and look through some of their older "news" stories ... You'll note that all of them are more than 75% authorial opinion.

Link to comment
Share on other sites
Shelby Silverspar

Shelby Silverspar

Posted
Posted

 

Solar Legion wrote:

Considering that the Herald is well known as being little more than a tabloid rag and not known for using any actual fact checking methods .... The information and video is suspect.

 

it's not just the Herald that has this story, it's all over the place. there is enough evidence from many different sources now that there is no point in denying it.

 


Link to comment
Share on other sites
DanielRavenNest Noe

DanielRavenNest Noe

Posted
  • Author
Posted

In this case the article has been verified by numerous other people.  For example, I personally saw the original video on YouTube before it was taken down.  The account it was posted on was created in 2008, two months before the owner of the Redzone system's SL account was created.  The video had been posted privately (not visible to the world) in August, 2010.  Both the video and the account were deleted the same morning news of it's existence became public. Redzone's owner publicly claimed to own another YouTube account which was created 4 days later with almost the same name (kgb006mars vs kgbmars006), but still 2 months before his SL account creation date.

How would anyone but him have known to set up a near matching account on YouTube to host a fake video, when he hadn't even started in SL yet?  Why does the face and voice on the video match that of someone on videos he did claim ownership of?

On the topic of the server breach, at least two people have come forward to claim responsibility, and have posted additional screenshots on another forum besides the Herald.  Based on that information, additional other people (including myself) were able to document another website on the same server as Redzone (knightsofmars.com) which claimed to offer griefing services for pay.  That site was *also* disabled right after it came to light, but not before it was screenshotted.

In light of the accumulated evidence, the Herald's suggestion that Redzone customers change their passwords is on target.  It couldn't hurt, and might prevent break-ins by *either* Redzone system admins or the people who claim to have broken into the server.  Even a chance that the evidence is true is enough to warrant taking precautions.

All of the evidence has been turned over to Linden Lab (Soft Linden must have a very full inbox).  They are in a position to tell if any accounts were actually breached, and if their Terms of Service have been broken.  In a way, I would prefer this all turn out to be fake. If true, it means Redzone customers have been abused by the very person they bought a security system from.  But I will leave the final decision to LL, they have more information to go on than the rest of us.

Link to comment
Share on other sites
Vania Chaplin

Vania Chaplin

Posted
Posted

As Shelby said, there are many places were this stuf is being discussed. The compromising of zFire's customers and teh video was announced in the JIRA (https://jira.secondlife.com/browse/VWR-24746?page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel&focusedCommentId=248419) and in SLU much before Herald's article.

Anyway, someone that instead of make changes to fit to the ToS are trying to find ways to circumvent it (as he explains in his own forums) has no ethics at all. I don't know for others but I don't see me as something special, that a guy who makes profile in harvesting data of others and seeling them would respect me because of my beautiful eyes.

Juridically some one only can be considered guilty after judged and condemned in a tribunal. In the day to day, everybody has to prove that deserves my confidence. And zFire is very far from this.

____________

[edited to fix the URL]

Link to comment
Share on other sites
Scylla Rhiadra

Scylla Rhiadra

Posted
Posted

 

Potosi Abonwood wrote:

I would like to add also be wary if you've logged onto the RZ site isellsl.ath.cx that is where the harvesting of passwords comes from I believe.

Well according to the video on the herald that's where it's done at.

 

This is an important point.  Also, anyone who has ever appealed a ban by RedZone had to log on to the isellsl.com site:  they are also potentially vulnerable.

One of the great unknowns here is what has happened to zFire's database.  The original seems to have been deleted by the hackers, but it appears that zFire himself had a backup.

Link to comment
Share on other sites
You are about to reply to a thread that has been inactive for 4783 days.

Please take a moment to consider if this thread is worth bumping.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing
×
×
  • Create New...