Welcome to the Second Life Forums Archive


DarkLife hacked - $400us stolen

Pirate Cotton
DarkLifer
Join date: 26 Sep 2003
Posts: 538
02-24-2007 15:45
Hi folks. I'm pasting a message I got from DarkLife co-founder today, Mark Busch.

From: someone

When I came back from holiday I noticed my secondlife account was empty. When I went away it was still about 112.000 L$

So I looked what happened, and it turned out on the 17th my account got robbed by some dude named 'CheckOutThis Hax' and 'Data Lindman'.

Probably the same guy as 'Client Hax' who had hacked darklife before.

He used a part of the shop script that gives back the L$ if the buy fails. The only way he can do that is if he knows the channel number (and judging from the previous levelup-hack he does).
But how did he know the channel number? 3 possibilities:

-Secondlife had a bug for like 7 hours some time ago where everything bought would be copy-mod, including scripts.
-He found a new bug in SL (Client Hax means Client Hack?)
-He used a scanner: but this seems highly unlikely, there are 4 billion channel numbers. On each channel he would have to listen, then wait if anything is being said (for how long?) even IF he would be able to do 100 scans in 1 second (which seems impossible to me, because he doesn't know how long to listen on a channel) it would still take about 2 years of full scanning to test all channels, and let's say 1 year before he finds it.

So I guess either 1 or 2.... anyway it's very very bad. we've been robbed for about 400 USD


ANYONE running a game or service in SL needs to look at moving their cash to a secure and different account to one their game or service normally transacts with. I wanted to put the word out as I'm sure this guy is going to do this again in some fashion and everyone needs to be aware.

I've just messaged the support team. We'll see what happens.
Pirate Cotton
DarkLifer
Join date: 26 Sep 2003
Posts: 538
02-24-2007 22:43
DarkLife is currently experiencing a denial of service attack from these hackers. We'll try and keep the game up for you all. Here's the note I posted on our forum

From: someone
Further to this, the hackers returned today and crashed the sim repeatedly and also adjusted people's levels. We can fix that for you if you wish, btw.

As far as game access goes, we've had to restrict access to Navora to the group "Navora Access". You can get an invite to this group by messaging a moderator, Ethan Hawke or Trevor Langdon.

Apologies for the inconvenience, I'm sure you all understand.


Well, I booted one of the alts from the DarkLife players group, but they are still able to chat on the channel. Watch out for that too folks.
Geuis Dassin
Filming Path creator
Join date: 3 May 2006
Posts: 565
02-25-2007 12:57
Never, never, never ever rely on a channel in your script for protection. No security through obscurity.
Ginge Reymont
Registered User
Join date: 10 Oct 2005
Posts: 190
02-25-2007 13:08
I was going to post similar to that, why on earth would you base a whole system with a flaw such as using a channel without any filters for admins or anything?

Perhaps I misunderstood.
Pirate Cotton
DarkLifer
Join date: 26 Sep 2003
Posts: 538
02-26-2007 00:07
Well, we had a few other steps in place I won't go in to, apparently they weren't quite tight enough for this hacker!

I've also recently learnt about bulk channel scanners using multithreading. That also doesn't really help us :(

O well, lesson learnt! Hopefully the thief will at least see their accounts booted and locked, for what good it will do.
Strife Onizuka
Moonchild
Join date: 3 Mar 2004
Posts: 5,887
02-26-2007 22:38
Security in LSL is mostly through obscurity. There is no easy way around the problem. As someone who has done game system design in SL it is no easy task to balance security and speed.
_____________________
Truth is a river that is always splitting up into arms that reunite. Islanded between the arms, the inhabitants argue for a lifetime as to which is the main river.
- Cyril Connolly

Without the political will to find common ground, the continual friction of tactic and counter tactic, only creates suspicion and hatred and vengeance, and perpetuates the cycle of violence.
- James Nachtwey
JT Dagger
meeps
Join date: 2 Feb 2007
Posts: 23
03-14-2007 17:11
GPL'd Encryption Script posted by Morse Dillon.

Thread:
/54/96/171296/1.html

Code:
https://wiki.secondlife.com/wiki/XTEA_Strong_Encryption_Implementation


Sorry to hear about what happened. I saw Morse's post yesterday and it seemed really cool, but I read this thread today and thought you could really use this.
Pirate Cotton
DarkLifer
Join date: 26 Sep 2003
Posts: 538
05-01-2007 15:30
Thanks for the tip, I'll pass it on to Mark.

It's about time we had something like this! If it works fast enough for games it could be a winner for us, and others.

Mark has built some pretty strong new anti-hack stuff into DL - (hence another delay for DL2) but this might add an extra level of protection.

PC
Svoboda Garsztka
Registered User
Join date: 18 Apr 2007
Posts: 3
05-01-2007 23:34
From: someone
-He used a scanner: but this seems highly unlikely, there are 4 billion channel numbers. On each channel he would have to listen, then wait if anything is being said (for how long?) even IF he would be able to do 100 scans in 1 second (which seems impossible to me, because he doesn't know how long to listen on a channel) it would still take about 2 years of full scanning to test all channels, and let's say 1 year before he finds it.


Unfortunately, this isn't quite true. For one thing, the listen can be indefinite. It's also possible to listen to every possible channel simultaneously, just by using thousands of scripts. All you would need to make them just enough different is to create a utility to adjust your script to the next set of channels and copy the next one into the clipboard so it can be pasted into SL.

If it was set up this way, he would only have to wait for the next transaction, not scan for years hoping to get a lucky hit. If he hacked you this way, then he can do it again at will, unless you improve your security.

A big tip-off that someone might be using this method is an increase in lag. A script like this could potentially bring your sim to a stop. You could also check your sim stats once in a while and see if the number of running scripts has jumped up by thousands since you last looked.

I bet there's plenty of other ways to scan your channel, too. I really think you should use any and all security measures you can.

One thing I've added to all my vendors is a little bit of extra math to limit paybacks. Any overpayment over 10 * purchase price is suspect and will not pay back until I'm contacted, and my machines won't give any further refunds to anyone who has received 10 refunds, until I am contacted. That limits your risk of this kind of theft to just under 100 * purchase price of your most expensive item. If this is too much, tighten it up even more.
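The payback limits described in the post above, modelled in Python as an added example; it is not Svoboda Garsztka's vendor script. The class name, payer keys and prices are constructed for illustration, and "held" stands for "wait until the owner is contacted".

```python
class RefundPolicy:
    """Hold overpayments above 10x the price, and stop refunding a payer
    after 10 refunds, until the owner has looked at the case."""
    MAX_OVERPAY_FACTOR = 10
    MAX_REFUNDS_PER_PAYER = 10

    def __init__(self, price):
        self.price = price
        self.refund_counts = {}  # payer key -> refunds already paid out
        self.held = []           # (payer, amount) waiting for manual review

    def request_refund(self, payer, amount):
        """Return the amount to pay back now; 0 means nothing is paid."""
        if amount <= 0:
            return 0
        count = self.refund_counts.get(payer, 0)
        too_big = amount > self.MAX_OVERPAY_FACTOR * self.price
        too_many = count >= self.MAX_REFUNDS_PER_PAYER
        if too_big or too_many:
            self.held.append((payer, amount))
            return 0
        self.refund_counts[payer] = count + 1
        return amount


def worst_case_loss(price, attempts=50):
    """Total paid out to one payer who always asks for the largest
    refund the policy still allows (constructed scenario)."""
    policy = RefundPolicy(price)
    largest = RefundPolicy.MAX_OVERPAY_FACTOR * price
    return sum(policy.request_refund("payer-A", largest) for _ in range(attempts))


if __name__ == "__main__":
    # With a 100 L$ item, automatic refunds to one payer stop at 100 x price.
    print(worst_case_loss(100))
```
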
Pirate Cotton
DarkLifer
Join date: 26 Sep 2003
Posts: 538
05-02-2007 20:17
Mark has some pretty nifty security enhancements built in now. As for encryption, he told me that the system suggested would be too slow for the game implementation. Good idea tho.
Talarus Luan
Ancient Archaean Dragon
Join date: 18 Mar 2006
Posts: 4,831
05-02-2007 22:49
From: Svoboda Garsztka
Unfortunately, this isn't quite true. For one thing, the listen can be indefinite. It's also possible to listen to every possible channel simultaneously, just by using thousands of scripts. All you would need to make them just enough different is to create a utility to adjust your script to the next set of channels and copy the next one into the clipboard so it can be pasted into SL.


No, I am sorry, I don't buy this. You can, at most, have around 64 listens at one time per script. That means you would have to have 64 MILLION scripts running at the same time to listen to ALL of them simultaneously. A sim is lucky if it can survive the strain of 16,000 scripts running simultaneously, let alone ones with 64 listens each in them. I would imagine that there is an internal limit to the script listen table as well, which either would throw an error (or crash the sim) if it filled up, or eventually just silently ignore any further llListen setups.

If DL used the same channel, then it MIGHT be possible after a long enough time to cycle through all those channels, but I tend to agree with the "year" estimate, and it would be obvious to everyone that it was happening due to the lag.

From: someone
One thing I've added to all my vendors is a little bit of extra math to limit paybacks. Any overpayment over 10 * purchase price is suspect and will not pay back until I'm contacted, and my machines won't give any further refunds to anyone who has received 10 refunds, until I am contacted. That limits your risk of this kind of theft to just under 100 * purchase price of your most expensive item. If this is too much, tighten it up even more.


That's actually a good system; I've proposed similar ones to some of my customers, and it is used by a number of RL financial institutions as well as part of their "fraud detection" services.

I'm currently working on a DragonRiders of Pern RP ThreadFall combat system for my mate's Pern group, and even though it's mainly for RP fun, I'm using some fairly serious security in it. It's mainly as a test for some of the technology I plan on using in other projects, though.
Kyrah Abattoir
cruelty delight
Join date: 4 Jun 2004
Posts: 2,786
05-03-2007 02:09
There are some easy and fast ways to sign data, rather than encrypt it; not signing sensitive data on such a big system is careless at best. Random channels are by no means security.

here is a way:

message + timestamp + md5(message+ sender key + timestamp+secret key)

The receiving script can then be adjusted to accept timestamp + 5 seconds or more, depending on how laggy the sim is. The replay effect is extremely reduced by the presence of a timestamp and the sender key encoded in the hash (which will be retrieved from the listen event). All the receiving end has to do is recompose the hash and see if it matches.
_____________________

tired of XStreetSL? try those!
apez http://tinyurl.com/yfm9d5b
metalife http://tinyurl.com/yzm3yvw
metaverse exchange http://tinyurl.com/yzh7j4a
slapt http://tinyurl.com/yfqah9u
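The signing scheme from the post above, modelled in Python as an added example; it is not Kyrah Abattoir's script or DarkLife's code. The `|` separator, the names and the sample keys are assumptions, and the small cache that refuses a repeated message inside the time window goes one step beyond what the post describes.

```python
import hashlib
import hmac

SEP = "|"  # assumed field separator; the post does not give a wire format

def _digest(message, sender_key, timestamp, secret):
    # md5(message + sender key + timestamp + secret key), as in the post,
    # with SEP between fields so adjacent fields cannot run together.
    data = SEP.join([message, sender_key, str(timestamp), secret])
    return hashlib.md5(data.encode("utf-8")).hexdigest()

def sign(message, sender_key, secret, now):
    """Sender side: message + timestamp + hash."""
    return SEP.join([message, str(now), _digest(message, sender_key, now, secret)])

class Receiver:
    def __init__(self, secret, window=5):
        self.secret = secret
        self.window = window  # accepted clock difference, in seconds
        self.seen = {}        # hash -> timestamp of messages already accepted

    def verify(self, wire, sender_key, now):
        """Return the message if accepted, else None. sender_key is the key
        reported by the listen event, never a field taken from the wire."""
        parts = wire.rsplit(SEP, 2)
        if len(parts) != 3:
            return None
        message, ts_text, mac = parts
        if not (ts_text.isascii() and ts_text.isdigit()):
            return None
        ts = int(ts_text)
        if abs(now - ts) > self.window:
            return None  # too old, or dated in the future
        expected = _digest(message, sender_key, ts, self.secret)
        if not hmac.compare_digest(expected.encode(), mac.encode()):
            return None  # altered message, wrong sender or wrong secret
        # Forget hashes that have aged out, then refuse an exact repeat.
        self.seen = {h: t for h, t in self.seen.items()
                     if abs(now - t) <= self.window}
        if mac in self.seen:
            return None
        self.seen[mac] = ts
        return message

if __name__ == "__main__":
    shop = "11111111-2222-3333-4444-555555555555"  # constructed object key
    wire = sign("refund|500", shop, "constructed-secret", 1000)
    print(Receiver("constructed-secret").verify(wire, shop, 1002))
```

The hash is only as strong as the secret stays private: anyone who can read the script source can produce valid messages.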
Talarus Luan
Ancient Archaean Dragon
Join date: 18 Mar 2006
Posts: 4,831
05-04-2007 10:08
Yep. That's the system I've been using for a long time. :)

Works great for lots of things.
Small Klaar
Registered User
Join date: 29 May 2007
Posts: 1
05-29-2007 07:33
From: Talarus Luan
No, I am sorry, I don't buy this. You can, at most, have around 64 listens at one time per script. That means you would have to have 64 MILLION scripts running at the same time to listen to ALL of them simultaneously. A sim is lucky if it can survive the strain of 16,000 scripts running simultaneously, let alone ones with 64 listens each in them. I would imagine that there is an internal limit to the script listen table as well, which either would throw an error (or crash the sim) if it filled up, or eventually just silently ignore any further llListen setups.

If DL used the same channel, then it MIGHT be possible after a long enough time to cycle through all those channels, but I tend to agree with the "year" estimate, and it would be obvious to everyone that it was happening due to the lag.


search space = 4,294,967,296
10 seconds per channel = 42,949,672,960 scanning seconds required
2000 scripts, 64 listeners = 128,000 channels
42,949M / 128k = 335545 seconds required
335545 / (3600 x 24) = ~3.9 days.

Even if we can only have 400 scripts that is only 19.5 days.


payback = breaking the channels of not only your system, but anything else they can wear that they want to break the comms of.

If they were just after your system maybe they got lucky and hit within their first 2 hours?
Mark Busch
DarkLife Developer
Join date: 8 Apr 2003
Posts: 442
05-30-2007 12:48
The new version of DarkLife now has a security with alternating channel and a hash encryption similar to that described above (thanks for the ideas!)

Also I opened up the original version of DL in Navora for now! The new version is expected to open in Istaria Prime very soon, so keep an eye on it if you are interested!
Sean Martin
Yesnomaybe.
Join date: 13 Sep 2005
Posts: 584
06-03-2007 06:11
When did this 7 hour copy-mod bug happen?
_____________________
Sensual Casanova
Spoiled Brat
Join date: 28 Feb 2004
Posts: 4,807
06-04-2007 11:36
Sorry to hear what happened, and also happy to hear Dark Life is still around. Miss you guys =/
Squirrel Wood
Nuteater. Beware!
Join date: 14 Jun 2006
Posts: 471
06-11-2007 04:18
"secure" method:
Store each sale in an external sql db, then send the message on the channel and the receiving script/object can then verify if the received transaction message is valid by querying the database, and if it is, mark that transaction as verified so it will not only know it is valid but also recognize if someone tries to hack the system by referring to already verified transactions.
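The database check described in the post above, as an added Python example that is not Squirrel Wood's code. An in-memory SQLite database stands in for the external SQL server, and the table layout, function names and sample transaction are assumptions.

```python
import sqlite3

def open_ledger():
    db = sqlite3.connect(":memory:")  # stand-in for the external SQL database
    db.execute(
        "CREATE TABLE sales ("
        " txn_id TEXT PRIMARY KEY,"
        " buyer TEXT NOT NULL,"
        " item TEXT NOT NULL,"
        " amount INTEGER NOT NULL,"
        " verified INTEGER NOT NULL DEFAULT 0)"
    )
    return db

def record_sale(db, txn_id, buyer, item, amount):
    """Called by the selling side before it sends the channel message."""
    with db:
        db.execute(
            "INSERT INTO sales (txn_id, buyer, item, amount) VALUES (?, ?, ?, ?)",
            (txn_id, buyer, item, amount),
        )

def verify_once(db, txn_id, buyer, item, amount):
    """Called by the receiving side for each message heard on the channel.
    One UPDATE both checks the sale and marks it verified, so a message that
    refers to an already verified transaction matches no row."""
    with db:
        cur = db.execute(
            "UPDATE sales SET verified = 1"
            " WHERE txn_id = ? AND buyer = ? AND item = ? AND amount = ?"
            " AND verified = 0",
            (txn_id, buyer, item, amount),
        )
        return cur.rowcount == 1

if __name__ == "__main__":
    db = open_ledger()
    record_sale(db, "txn-0001", "buyer-key", "sword", 250)  # constructed sale
    print(verify_once(db, "txn-0001", "buyer-key", "sword", 250))  # first use
    print(verify_once(db, "txn-0001", "buyer-key", "sword", 250))  # repeat
```
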
Slip Barrett
Irish
Join date: 5 Apr 2006
Posts: 119
06-21-2007 22:01
What these hackers don't realize, is that just because it's Second Life, and a video game, doesn't mean it's not a felony and a minimum of 1 year in a federal prison. And yes - I'm positive of this, I work for the criminal courts.

I would contact the FBI if this is a continuous thing.
Pirate Cotton
DarkLifer
Join date: 26 Sep 2003
Posts: 538
06-22-2007 05:10
If the numbers were big enough, yeah. You also sort of rely on LL being proactive in helping you early on. This doesn't happen, they don't really have any systems in place to treat grand larceny any different from someone shouting Nazi slogans on your lawn.

This is one of the reasons I will not be supporting the SL4 Birthday program. Why should I put any effort into anything that, essentially, promotes LL, when they have proven incapable of lifting a finger for me(us)?