DarkLife hacked - $400us stolen

Hi folks. I'm pasting a message I got from DarkLife co-founder today, Mark Busch.



ANYONE running a game or service in SL needs to look at moving their cash to a secure and different account to one their game or service normally transacts with. I wanted to put the word out as I'm sure this guy is going to do this again in some fashion and everyone needs to be aware.

I've just messaged the support team. We'll see what happens.

DarkLife is currently experiencing a denial of service attack from these hackers. We'll try and keep the game up for you all. Here's the note I posted on our forum



Well, I booted one of the alts from the DarkLife players group, but they are still able to chat on the channel. Watch out for that too folks.

Never, never, never ever rely on a channel in your script for protection. No security through obscurity.

I was going to post similar to that, why on earth would you base a whole system with a flaw such as using a channel without any filters for admins or anything?

Perhaps I misunderstood.

Well, we had a few other steps in place I won't go in to, apparently they weren't quite tight enough for this hacker!

I've also recently learnt about bulk channel scanners using multithreading. That also doesn't really help us

O well, lesson learnt! Hopefully the thief will at least see their accounts booted and locked, for what good it will do.

Security in LSL is mostly through obscurity. There is no easy way around the problem. As someone who has done game system design in SL it is no easy task to balance security and speed.

GPL'd Encryption Script posted by Morse Dillon.

Thread:
/54/96/171296/1.html

Code:
https://wiki.secondlife.com/wiki/XTEA_Strong_Encryption_Implementation


Sorry to hear about what happened. I saw Morse's post yesterday and it seemed really cool, but I read this thread today and thought you could really use this.

Thanks for the tip, I'll pass it on to Mark.

It's about time we had something like this! If it works fast enough for games it could be a winner for us, and others.

Mark has built some pretty strong new any-hack stuff into DL - (hence another delay for DL2) but this might add an extra level or protection.

PC

Unfortunately, this isn't quite true. For one thing, the listen can be indefinite. It's also possible to listen to every possible channel simultaneously, just by using thousands of scripts. All you would need to make them just enough different is to create a utility to adjust your scrip to then next set of channels and copy the next one into the clipboard so it can be pasted into SL.

If it was set up this way, he would only have to wait for the next transaction, not scan for years hoping to get a lucky hit. If he hacked you this way, then he can do it again at will, unless you improve your security.

A big tip-off that someone might be using this method is an increase in lag. A script like this could potentially bring your sim to a stop. You could also check your sim stats once in a while and see if the number of running scripts has jumped up by thousands since you last looked.

I bet there's plenty of other ways to scan your channel, too. I really think you should use any and all security measures you can.

One thing I've added to all my vendors is a little bit of extra math to limit paybacks. Any overpayment over 10 * purchace price is suspect and will not pay back until I'm contacted and my machines won't give any further refunds to anyone who has recieved 10 refunds, until I am contacted. That limits your risk of this kind of theft to just under 100 * purchase price of your most expensive item. If this is too much, tighten it up even more.

Mark has some pretty nifty security enhancements built in now. As for encryption, he told me that the system suggested would be too slow for the game implementation. Good idea tho.

No, I am sorry, I don't buy this. You can, at most, have around 64 listens at one time per script. That means you would have to have 64 MILLION scripts running at the same time to listen to ALL of them simultaneously. A sim is lucky if it can survive the strain of 16,000 scripts running simultaneously, let alone ones with 64 listens each in them. I would imagine that there is an internal limit to the script listen table as well, which either would throw an error (or crash the sim) if it filled up, or eventually just silently ignore any further llListen setups.

If DL used the same channel, then it MIGHT be possible after a long enough time to cycle through all those channels, but I tend to agree with the "year" estimate, and it would be obvious to everyone that it was happening due to the lag.



That's actually a good system; I've proposed similar ones to some of my customers, and it is used by a number of RL financial institutions as well as part of their "fraud detection" services.

I'm currently working on a DragonRiders of Pern RP ThreadFall combat system for my mate's Pern group, and even though it's mainly for RP fun, I'm using some fairly serious security in it. It's mainly as a test for some of the technology I plan on using in other projects, though.

there are some easy and fast ways to sign data, rather than encrypt, not signing sensible data on such a big system is careless at best. Random channels are by no mean a security.

here is a way:

message + timestamp + md5(message+ sender key + timestamp+secret key)

the receiving script can then be adjusted to accept timestamp +5seconds or more, depending how laggy the sim is. The replay effect is extremely reduced by the presence of a timestamp annd the sender key encoded in the hash (wich will be retrieved from the listen event). All the receiving end has to do is to recompose the hash and see if it match

Yep. That's the system I've been using for a long time.

Works great for lots of things.

search space = 4,294,967,296
10 seconds per channel = 42,949,672,960 scanning seconds requried
2000 scripts, 64 listeners = 128,000 channels
42,949M / 128k = 335545 seconds required
335545 / (3600 x 24) = ~3.9 days.

Even if we can only have 400 scripts that is only 19.5 days.


payback = breaking the channels of not only your system, but anything else they can wear that they want to break the comms of.

If they were just after your system maybe they got lucky and hit within their first 2 hours?

The new version of DarkLife now has a security with alternating channel and a hash encryption similar as described above (thanks for the ideas!)

Also I opened up the original version of DL in Navora for now! The new version is expected to open in Istaria Prime very soon, so keep an eye on it if you are interested!

When did this 7 hour copy-mod bug happen?

Sorry to hear what happen, and also happy to hear Dark Life is still around. Miss you guys =/

"secure" method:
Store each sale in an external sql db, then send the message on the channel and the receiving script/object can then verify if the received transaction message is valid by querying the database, and if it is, mark that transaction as verified so it will not only know it is valid but also recognize if someone tries to hack the system by referring to already verified transactions.

What these hackers don't realize, is that just because it's Second Life, and a video game, doesn't mean it's not a felony and a minimum of 1 year in a federal prison. And yes - I'm positive of this, I work for the criminal courts.

I would contact the FBI if this is a continous thing.

If the numbers were big enough, yeah. You also sort of rely on LL being proactive in helping you early on. This doesn't happen, they don't really have any systems in place to treat grand larceny any different from someone shouting Nazi slogans on your lawn.

This is one of the reasons I will not be supporting the SL4 Birthday program. Why should I put any effort into anything that, essentially, promotes LL, when they have proven incapable of lifting a finger for me(us)?