|
|
|
Security Breach Found in Second Life Database
By: Scott Ferguson
2006-09-11
Article Rating: / 0
There are 0 user comments on this Network Security & Hardware story.
The virtual world responds to a real-life security breach as Linden Labs tells its users that their personal information could have been compromised.Linden Labs, the San Francisco-based creator of the virtual community Second Life, has told its users that their personal information could have been stolen due to a zero-day attack.
In a Sept. 8 announcement, the company said that users unencrypted names and addresses, as well as encrypted passwords and payment information, could have been exposed during the attack. The company, however, said that credit card information had not been exposed.
The security breach was first detected on Sept. 6, and Linden Labs said it repaired the problem immediately. A company investigation showed that hackers exploited third-party software used on the Second Life database to break into the servers.
"Due to the nature of the attack, the company cannot determine which individual data were exposed. The companys technical investigation is ongoing," Linden Labs said in its release that was posted on the Second Life Web site.
Citing its own internal investigation, the company did not release many details about the breach besides acknowledging that it was a zero-day attack. The company is also still trying to determine what, if any, personal information was compromised.
Second Life is a virtual community that is maintained and run by its "residents," who can make purchases through this online world and convert the "Linden dollar" into standard U.S. currency.
 Internet-based threats using zero-day attacks are proliferating at a rapid pace. Click here to read more.
Hacking into video games and virtual communities has become an increasing problem.
On Dec. 16, 2005, White Wolf Publishing, a company responsible for some of the most popular role-playing game brands, was forced to shut down its operations
after international hackers exploited a software flaw and stole user data, including user names, e-mail addresses and encrypted passwords.
At the 2006 Black Hat conference, Greg Hoglund, a well-known security code expert, showed how he could beat an anti-cheating technology in the online role-playing game "World of Warcraft" by using rootkits he developed.
On its Web site, Linden Labs boasts that since 2003, when the community first opened, nearly 300,000 people from around the world have joined.
The company first noticed a problem on Sept. 6, when an unusual amount of activity found in the database logs showed that an attack had occurred. The initial internal investigation showed that the attack could have started as early as Sept. 3, but the company found no evidence of a compromise to the database until Sept. 5.
"On Sept., 8, 2006, we concluded that there was a substantial likelihood that customer account information could have been accessed," the company said.
The company has invalided all user passwords, and members of the online community have been urged to reset their passwords and keep track of credit card statements and their PayPal accounts for irregularities. Additional updates will be posted on the companys blog.
Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
|
|
�������xr۸(;wh�kLVl˱VlR}JEQ1Ermey��O7�t%_2Tl��Fw��o�Qȹ
kL.̤$;}.3轗%y歯
�zFUdvԭg�ѩiz�ц]3Ui�7�u�;�7oe��"�|���H5��%�j'~=xkLszV6ژz2F�e��.�hѲ�b
^Pk$ȁCxܤ�%HC8�5Q!IQ�w�gưF&��GK }{*>N5wlX셨�k!)*B8��F�Q#DxsjoehY㇝�n�5(8Q~�j�X�
1!�~�45m
"�'�[z�B�_d�#gBFm׀�{K}H2i8Cd`jĤA��-
XD2I|���&CcPWMۅ)�Ta5#mj�O<͒<�#Xױ-vt
za�c�3I5�'Q/#!TBbp`Z�WK��ִt;=r:?+��7��rH6ǂ�|+k�L�R*��rPML�i>'� :fv}��j�] ty�[�n9(��J/(.՚��f1;Qd�XI#/YTU9@f9jz'uk]_]-k��][>ߙecfy�3J>�PFf�K`W+Ɵ�㝡So9=yi_tnsMNZǭ.g{�:���W:�?Nկ-?o!aj;z Pe�PK9Lójt w�?t{ZdCGcdp,'�Y��s53P[h,.3$��BvrZ~@X*���+���3�osH@·�-�:2�vx
$ԃ�^7iB!
�9BÔ��̸gR�49�gPY��Dsa6�R� 9b`�*B̄H )sǃݼR����|@@|\~nPW )Y�S%E7#DH� vaT�B(��pHq��~�(R]�.⩛�|�rq��]7+De.,
s5-w6t�E?liQָqj>^NHsEmo�dzD57#���вnZDI�9aNms1_)�D"%Y֊PP9PA���G&Cf[ԒLPòÔ4yx7}���aM6uj}JlZ�h��>:!��
mx=Z.3A��Xn`vtBI�4�p<{k.�v>3�;A
�>��R�>ƔzN=?��=H�}nP`�ٮ��$Ɩ�ʆE@B㎂9�{۽�ޚ�^�(g�z7t
4�,/��O_@9`�$8ʼ��m�¢Pֵṃ�{�r`:�)�aiN3Lm``1 .�tJC-h�iy�zO�
dRJ
4G�!��-i]�R@A�z68 �-�,rr4���� "!bT[��'1TtyB#�}Tz(�FR1ab
-d[b��d6f�2KI�I']WM&D�rB��.G �wKᙖ&ZlY,*|\�{�Z�0c�]= #0 S0�2>9?f!�s WQ �c��=�3��"ݲ��%st08.f�FZ1jػ?0�q}a^ �s9hwtݰyB�ͩaqb��:_Aa І.�˄�t�&=V=gjc�t#5�5�S�\wĶ`伇�d��k�`l7>>CO
n�E`�3_iy>grG6
�y�@>J|�zS.z:
$�r%�vxU
�i!SL&Ze�n<�Gy�9&+)\=P+�_N�V쩈cX`D
��DbO)^HSОlG�x�\v�ΖuV�kͲT]^ӛA/-uB]+�¾� I �RL%��㵛Zԕ{:JK�_i��hH*�6\X-C��%-1^`�/a|kQ nM>*m!}�xqö��fo5/�TY97��4-ưj)+�XX5l�d �tA�qF�A2`@E}a�&6�$
ë�=��mO�ڽOn&�>`r��f.�G1�`;�ۋhpB e ֤ȫU5�=V�ゆ}OƉ/m%�|w0rh��|�89/M�yaGlJs7c4J'uE8`
�"=04'Z>�pd`/R3:¿w5gұj )ՅA�,䧒\R
�~�'�k�b"�ud60A�k��٦iߧ��Ob#fI�8RK°f>v9&�ƀI4e�$lw妚�
ؖGANnQ=aoEk�9n{>7Б�M�6����LKw=9ؤ?CU^bx�,"JPV"jS#_VRVT+
ofP���ͼ܈c ��ϡ:oF��|m/Lw7T�zswrЧ7{_{}0t�.ɕ6gs|\yj�&�?alAc�2&�z@jX~lt�6H(TXnƪ
��<@VI�YhQhwh�_�/ۡanH}�gN�q&-no^�k8dЛiφ9rN/XdZIp|a��vKrekH˷��Bgfhs�o騚�k�cc>ϡ��-WR_�,!c1�s*?
\x�u8�WX22�wm}T�c��*� t+��W�U>s5лMs�(,��x�g4DcC�6A���
A,l�֣>V%2!>is-&��m'a99�n�7=R.���21P*~
EPGIurd*�+ZRb<*�r9)�.?5d;ZAY_
kєXkhs)6-�ܝ`@O|K!�O�
064eD3�_<�p[n)1uy�zł5т]h-Bwyr
`��3Wf�48َc�Vp�DM"?Ҁ�h)k02?0RiCY|@`W|Z$t`�1[��m9�:Jwd:)dnS55[4=5��Yw�W�wga��wIƙ
r1/vσVJrÎO|L��8!`0X>}m,�~O9^g�|\V*
�x:#�d�`#!A-!��y;�m'_�bkH0/�
�/Tٛظ�~2���K��L!ܚVjD �3L��
2˸6_ c쓡ً,`*ٽZ���E1 VmIT�~�jgZE q��gMX2[BKD^)ΛI�l�sٓN�χx�h�>?i��t۽v��sza~^-9�;.U.���ߤICR�|xxy"/[b�!{&,2�e'A*$�`ܰW#&Fk�ߏ^NE^5ONڗk^6v:��<�-o�dO!РQ\�8�Ks'j}ْXGz+Q~\M�
y~ybU4WHV:8����ڌ7�M
l�H2`u_c;$]wn��^A5
�%-s}Һ̂�Vs>ǹ��\q\l{r�s`Qf4�'lQ돝�G�´V�XȬE`CxC7$}(Wi�b��&� ��L׀zB�*�q^7?':Ky�6P��
�`��T1J?|E/R)Q\(��hIsLG�$G)��^(o`'kѷo9F߀>O1Okw�tE�h[(k��rEoǸvI��b~<)}B-N9˞)F�4N/�ÍW��G r�EΧ5p!�!BN L9�Wbm�1ŧ
'>
B�aq@�{��Gl'iniQj5Sb)s�tJ1S�tl�+04yO PɯyYzB,R4ψ&HG]�/_|�5HPW
ɝ֛�^5/7'8
$uks~�^^ҾxuX<82k��%85(^y���
>ڢG -�GX5Tq-�jٷΫ���h�Cp0�1�{>h AؕCrS�r�zT"2KIsa�;;��[�@)s^�X�2k=/(�~
ܳ,d�:];wOv�g>*k�ٸɘZ A�0.�gh;K�Q>�OHIlk�7�XP�;?�/P.T=s-hh*1f�>!_�:[�˱0s!ꥧw�TdiwXm79'9�tFًnkԕELf�?
ٽ_G)KV${k²"��
��0zNt,4P$9U
[�ȞEVe.tٕNx2<::�kɨ�@7Yu��(f~\;pGRE}�efW]M=}C]^lfڙݫA�/��zXz,}]bwSȤ;\�.o,K-T#5"�v�ًRQ{eQ�j�ȓC��b67Y"Y��Nþؤ]Gsk
?ƈu'Ⱦm�2فȣy{8^�&2� G�F�[RL@���P`G
�ƔA���iCDH�C3٤h��2�6��k0\�f�>a!�'k&u�Lsq�PZ�p+
(aK��xFp~llnHj!~×�ず,�{�%$����~��zjVT�/%�7]A=�i4�EŴ�R0%�p^ZE��H�+
� ]<�i%13Qt T�ۤBBEGC=�[D�B�!<
,�OD�݄�T)h�a˦7˿|Avlc�ORUI=؋�Ka5�+Щg21Kf&�y"=9R�%R@=P)�A%gGXI�3'�$�g�%4hl] Vޔ
/k~��F;�%6sQ>�tUq!l�&�l�&�[�2��<&g�ޞ+M\���׆wI�T3%0D v͡~a:� �c`b&�p �m�ܼn4UIKjuS)=i����RʵI��79L6LKύ�ڞ�Di@b�vyHTC.��B����E`p ] �4XH�mؾVXrb��`P85{O:ѽSۼ.��ךunMH3$�L�pR�:>DK(x^,ҦLYy:S
Ge��Mtv-Cc!#S0Us
{ES�ZDjT-*�\{,9�~T1���Qs45��z,�Z�7 ��43�H:`A$l3f~5~kqx%8 \.J5_,?߅�髗dBnX{�q-jԲXp&|�n-Znu6-X�|yo�m!�HB� ��Ėm�q@�]j濎*Q�j<vT6m]3)k-%c�tl2$]{oz/cQ��%(}��X�ې
*/i�d`*=l3xb[Ab乃V�M5��AHD@j6^�@l$ SxBu7qo"ߣݝݝݝݝ�AM)o�Z��F�cli�E|�
zx�Z�#͇xK���,]�R;���t|�@�h�a���F80"��l�p��x
��O(�ц'\Nna�=(Y<�^�na=i*�clٛiί��ܯ��ؾm�L�H�yDCm��g8�pH-l:1�Ȱu�ۖx}?ߦԐJ(-ݓ4ח�*ih "e^:q�ڎ�e>��~*I;g�V"�#XS���[זƺxK@HMN#O�.9R\(N�~�.5�hvw
&3��VV:㷪K݉80K��,����H�Z�MZ0Z/X�$8Kvi�¯3ˏ��s\+]EߴvRzȗ��cN�k�_gë^GnJ�k
c;i%7a}K�\"7{3Pwœq-w[=:n�&0|ڀ��s�uXŻ{`,$d;6ؒLHjfo���gjX�P|J0���f�X�V�IaPzT��:eɯ/O/-˹tjѥj{i,�ˑO-O/gs{,Rɉqq� >(?��tZRcaĚ([A-q�io2?7O�#VH)�4�b�Rf&�6�`�p�7�DH��ȓs4��zi�~vϳYb�>�I
~��7H/��g7pz�(p7>̳)!�$~la�V�%1Y.=z�9 ��b�na�51�\{jkUB
R^FD�|ID�+�`�g*G�xTsҘLv��m#��qذ<4=Ouжxw\�Dz7�3�
dFd�_�}Yl
یP^ݢ@lӤh�;MDvx�Q+b�*ޡ,7i��;��뻒4�D!/(�/na�aI{ŕO*r}Ϙ$'sp0RG�99��A��[w�A!cx��Y�"�'"�K�H�
]N<��g`ҧ�E[�Z^Zn=r�2Y�-oi9'͡`7*!E�L�iؾ*F��,kG� J�&��^p���@�8l:
}}[Q[o7jaL+BcJ�Mc4X<��x^KjD7�"|BwO3+8�B0+vd"m\%jIsKDsg>OH'�>#Ժ3\B+�[^n9�$Z.Z{q2?^+t66omIU+16g%څ]�aIJ %'0�99,24�}c��|:T74�zG*ńF_G�F�ZV>Z6ވۓjMqM5�(���0]hî�ֿ�-Ǥ|IVc�%.�.|_!n E�c\Y\�+p��S�C7R�46$@e�9T>�Ojn#.��ݫŖr�Ʀ}>+틍i|&W[҅f,I1Ps>coIVAW6���:nA/W|i~�NǛ/�|�T�3/b=�-Ѩ�#C
1a�.=$wz̥�7b?= jN�8}oZ�
`�[ *>I.�$%�H�"H] �YC
`�x_L >�FlM뵮a�E�3�2>f`#w�;a�yA��ߩ>>9 �Cb_¼"�
2K1PwC�9¦sv��F+e]f�7�>�a75|$rEhC9Ҕm͇ˮr�p�#}~
��̀�,Zފ*%*���@1
d�U
�_wLiu��n�C��-�&Qχٮ�26r)eDRP�(�"`"1aX9c#bwt�o?ތLZ:�7O��c��Zu�@e�b�q�r9��<_qT
H"b)�"�PN�e��I�t�03�w���
)C�(�nlH MF�<�_z�fJ
�c{ �AXE|s�O-gqS�\٩�=01$�YrC,MG,#_�h�C?&?v%b&ts
ƹD0��(VIL�u�X\FB(�n<'*<(
n��v?띉{2��%(�p��@Ka1c�VoVR%0
~+�>f�ٕa*�XUK�Fy=WMNCXF*_�iL$�R.
n/ �2bg44C!$Ո7Ѭ�C;4?5iVt?�uWv�;7x Z[j��u+t:';WOۗe/85��v>LTuk+�a9.@^6/ZNQʩ`Rk̵,<�%
y
*w�GE Ccq�^c{
|=�{#�Y6e5ļ�fzu7C�ؼW?�wz
''n7N(׆]}~,ǫ�x]f`ayQ�Crt{�rX;�~ptYnn~�(n�O!uqt.[F`RR"o�<%�HI
KIMfJz�;)'@VJ1�O?�=>��!vq^>4')_;�?ϴ/S�v
�ƇnJgH>�Ѯq?�_�4@ߋ�^�}.Rs�Hi�E
^�^'eJ/?A3H?KI�+%�/Rҡ/S�2E~..S�wR�N~�J+(R�:nJnJ{�
鿮O�1>Athߧ}�}J
ߤ�ޤ
R
M
:IJ� "g+8=R��2�~)A_<�4%�SYY�~v¯e^й\42Я"e�2~62Ak_�wN
aq�ʍ0{�>5�s�[I�Ruח�
c|*�,xWbyH�L+�g�٘�@�{#u/�'NW�7��\]M�bu+r>V鄘Vq�2w,y|=U��cLF�EcbΞ;'"%AF0_��Gz̉n~q)�s
2�w?5ø?k��o�].�ַqQh7�epI{yh����W�=Eu
\\�WܝZWteflPcr�dm�XoCd�x\$�N7]G,d+�� +WY�-J��C/�c
H;���J3.~-gw`/�hͦ�{2_Wh=cĢpN!3JЭo� |Q&@vNPؿ�kj
�P7CtF�.{4�6⇝m�Ԇ}4p�Id@*�ZjR3�vk$2t�3t��UEVr�g�l��tF(��yB�T|MӰW ]7a>ǡǎ�!,�pC�F݊-n%~Ck(��x.��xW5*�(4f!2^0�&Xz@O35�̗>8M5(V�!;Po�eSU�ޡQ��ky�_!�?g آ<çS��Мx�Ldp!gB-ҋSֿC�s%],fk.���k`VrM�C6M�Jr�XL�sUIrdy;�lc!Ci$NXwp!rE>L]Rvoy��U�@
{�7�iqg:�x�n'[ 7e%R}O3F �U(\0~�'Jk>U�5~�ɑit(�V �EJ(�d%by]RrbL�۰ܱiφ�n\�ؗZ 4�mc:HOL�-sm{o��k:n]vܙ%Ӌ/T�B�=�l}{މǚ �]L�Dƨx^apv �X6^?I .OO�]Wv�BaI3:ܰf�Ҏ���}'ݹ�fs(O5:L𞥕\6X�g'TgB
xYU7�M�$ݰq�;atd?lƔQW�Ä�� #,HVCP}XGMLl�-Ovtms&|cxP�ƀ.цI�d�|ABQm��Ck���1H�G~x9�5��H(KWXN�A��}J垓Gg_ b�
{y*"3@4gQl(VxRLN�5m�czlo()�q+�9�Kن��xW,HsԲx*�D|JGWF/@s3�.v)�h=$1|�t,E左e��S���!mΠo'b�_�^s6eL 3t#mKυ#RZⷓ� Kː oX�)u�,|oW|B�L[{k8m`v����0Nڽm�j?A9DEPީai.-0SF)f��%NS��xS{E�x�ĵ���!M��a(�zc<�9z�n$ {&��m�/{HPWWݜ햏���Ϙo|
8�O.�dl�g��{ohI
��Wsx�R}r:`+��슇
�?�dxE���#bSp[m+0�ـ�AX3'5c��b@8f;{9rW=?9z��l��n:9Y��}l#s!?"0M�n"m�^kti¿�lQ\mXv-ȣ]Iɍ
RFm1��f��#fx�E1�Tj0g�nG)xI{J\oXG�- s+49)>�-cۙ8Sg��kA�o�> []R*gZ
12Mol'��Eb/5R`8(� z�|s|FYM�qLMhmB`p8�te0QS;fS��C��#�{׀ �4r3n�D��@ͽ]�^c*!��R04xr�m��}P�9�]�/>$ݬoew��ff�sOk̳�-M�@Wo�č|E]m֠8g��ս=�cDv7x �O�~^
�#n>e/c�/_�ŁY��fZ�^_X�~�7s
5Y�e )�Sg#B/��K�Áj@��g��o#+C~�ӆ1�ډR;BhX�)�K�3��jŮC��Eb=w*Zۑ�}>WrN*a�9��h"^v@od�ұz3]..RW�Ϡ�ط�c�lg0�k~�h5,qUb'X�G~GTp�7YO~ٹnuS^G_\����f"{�*V�1*k;x W"�d'vHǶ �ziQ�@\��HT-�"<�E+fŻ1ά�K�9X�:�e4hN;0�@�t
�$���2�L~�Q8]�?�v �@p�?J%%�N2h���&^�7��ZlLGt�]܄�]#l+��9b��zl:n�mI�,���=B�iB$l`ELq(x�J&Ss�
|�X{-R�-ˬ-��t�l)4MpYjF# y\�~ZX��Y�}nMZ#aڃxwǏ27{��b@j0g���FHr=̢
ʼnW�@�{�cfxͽ�^D����iAƀܴ1-f@�LrĬ6�&��"։ kk]���|1=NՁyb��#@Pje�h�lD?�d�,)zPH;p"GtN>i=80H�o!�6p���e=%+H�w!�xʟ;1)@t~!Y�I�e �R�d"�?��$��ƞ@v7G"J$�d�JE�ۻ{V(ͣ�㩅i�'P��{GOZsr�D@ u.?��L#^�ևh3wvF#ޑw>�W�9RF��[�L y�ϫP)jxͻM2F�R��⭥8b Ω@�%.*Y��=�^,u#xY�sK���ΆM\&`toI��l{M8XcѴ��y߬%i8 wqΥ&f�1��-v�/>m�M��q�Fl�>-Db=kGk돍l5�ɱi�43y_PG^θ~"(Q�=�46!h��@/�^bQ&1�Bh$C��͞^đWei]x58�|�l��C0ր 4�K2��Mf?��Wve'=�s�<�\{-�ق.ٷ
אsٓN�χV�WB:�zբ�o(a�0Ur�%ߴz+;Ä#\�xa''x�:2CM��jHXo�|+A*\%S��r�&B"V�|!cR�Q1��1L�bq�F{�e�q
�q�:X拭e6S��T/�|A�/Tr!:�1?xmpw6cQcfe$5ѬSx�x�qaY"g�;?�T�@��
|
Network Security & Hardware 
