Jump to content
  • 1

Griefers in action in live music venues


Stenelaide
 Share

You are about to reply to a thread that has been inactive for 626 days.

Please take a moment to consider if this thread is worth bumping.

Question

So tonight I was halfway through my shift as a hostess in a live music venue and I suddenly crashed. I log back in and this mess pops up on my screen, on the singer's screen and on her manager's. A search bar with a nice statement, a friend request and a voice call to the singer. They also managed to block her on my behalf and they asked me to teleport to some random piece of mainland. The owner found two scripts that were dropped. That was awful, how do they manage to execute stuff on our viewer? Is that simple?

 

griefer.png

Edited by Stenelaide
  • Like 1
Link to comment
Share on other sites

6 answers to this question

Recommended Posts

  • 0

I would bet an illegal viewer is involved.

A few years ago, SL had a problem with illegal viewers. Region ban someone and they would still pop in. SL can put the final nail in their coffin if the situation warrants. Fill out a AR and file it. Don't embellish and be as concise as possible. Include any screen grab you possess.

I hope someone can come here and explain better than me. It's a shame you and your talent had to go through this. It's total BS.

Edited by Chassie Rowley
  • Like 1
  • Thanks 1
Link to comment
Share on other sites

  • 0
On 9/5/2022 at 5:33 PM, Stenelaide said:

how do they manage to execute stuff on our viewer? Is that simple?

This looks like an invocation of the Viewer URI namespace. It allows you to construct text hyperlinks that can resolve to various things, like a user's full, display, or legacy name. It can also resolve to a clickable link that when clicked within the viewer, can perform various viewer actions. All of what you experienced can be accomplished with Viewer URI Namespace links:

  • opening the search window with a search term pre-filled in
  • requesting friendship with a target avatar
  • muting a target avatar
  • initiating a voice call with a target avatar
  • offering a teleport request to a target avatar
  • opening the map with a destination pre-filled
  • and more as described on the wiki page.

You can do some formatting to put a label on the hyperlink so it looks like an innocuous clickable bit of text, but hovering the mouse over them will show a tooltip that says what it will do (offer friend request, mute, offer tp, etc), or give you a generic "Click to run secondlife:// command".

The thing is... as far as I'm aware, you need to actually click on the URI links within the viewer in order for them to do anything. And I don't think it's possible to combine multiple actions into one link. I find it unlikely that all three of you clicked the numerous links to bring up each of those various actions, so I'm guessing there is some kind of bug or exploit happening that can auto trigger URIs as if they were clicked. Perhaps it is related to the crash.

Either way, definitely Abuse report it as soon as possible with as much info as you can provide. Also consider filing a bug report on the SL JIRA system.

Edited by Fenix Eldritch
  • Like 2
Link to comment
Share on other sites

  • 0

I had a quick chat with the owner of the venue today, she told me she reported the incident to the Lindens. The attacker(s) seem to be targeting live music venues, singers and their staff. The singer was on stage and I was wearing a tag that identified me as a staff member, but the manager was not easily identifiable. Makes me think they know who they're looking for. One scripted object was near the stage, that's also creepy. I am wondering if there is something personal behind it, circumstances seem so oddly specific.

Link to comment
Share on other sites

  • 0
2 hours ago, Davie Swords said:

I was off for two days and when I  came back  on numerous groups I belong to had ejected me and I h ave no reason why??

Help, also my account had been charged $111.00 that I have no knowledge of.

https://lindenlab.freshdesk.com/support/solutions/articles/31000135214-what-to-do-if-your-account-has-been-compromised

  • Like 1
  • Thanks 1
Link to comment
Share on other sites

You are about to reply to a thread that has been inactive for 626 days.

Please take a moment to consider if this thread is worth bumping.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share

×
×
  • Create New...