Hackers have learned to steal money in Second Life
The Dean Takahashi San Jose Mercury News blog posting that it was discovered that it was possible to steal the domestic currency of Second Life from gamers. Moreover, this currency (Linden dollars) is not so virtual as the game itself - play money can be exchanged for the real US dollars.
Takahashi said that two hackers, Charles Miller (Charles Miller) and Dine Dai Zovi, showed an exploit that allows you to clear the pockets of Second Life users.
And now the most interesting thing: the exploit uses a hole not in Second Life itself, but in Apple's QuickTime, which is used to play video in the game. Here is what Takahashi writes in his blog:
')
via CNET
Takahashi said that two hackers, Charles Miller (Charles Miller) and Dine Dai Zovi, showed an exploit that allows you to clear the pockets of Second Life users.
And now the most interesting thing: the exploit uses a hole not in Second Life itself, but in Apple's QuickTime, which is used to play video in the game. Here is what Takahashi writes in his blog:
The exploit works because in Second Life, users are allowed to add images or videos for avatars or their property. When someone passes by an object, a Second Life client launches QuickTime to play a video or display pictures. In doing so, QuickTime directs the Second Life client software to the website. Using the QuickTime vulnerability, hackers can send a Second Life client to their malicious website to get a player’s avatar.Since the exploit exploits the QuickTime vulnerability, it will work until Apple fixes its error. Now the only thing Linden Lab offers, the creator and owner of Second Life, is not to keep big savings.
As a result, the hacker will be able to steal all avatar savings.
')
via CNET
Source: https://habr.com/ru/post/16989/
All Articles