Monday, August 30, 2010

NEWSFLASH: Was Vivox Chat p0wned by Emerald Developers

quoted -- Was Vivox Chat p0wned by Emerald Developers? The Alphaville Herald

The short version: Jaycool and Ph0x were able to gain access to the administrative workings of the Vivox voice service. This enables them to listen to any conversation, anywhere on the grid, INCLUDING private estates such as Linden owned sims.

Additionally, using a "rogue sim" exploit, the two criminals were able to gain access to any user's computer, and download any file they wished.

Here's a short snippet of skype chat, where Hazim Gazov explains the rogue sim exploit in a little more detail. Some names have been changed.
Quote:
[8:50:12AM] : o wow I didn't know they could listen in without being seen, I mean I thought only lindens could do that
[8:50:59 AM] : Plastic Duck: jcool was abusing the shit out of that one
Plastic Duck: to download files from peoples computers heh

:O
[8:51:20 AM] hazim: yeah
[8:51:27 AM] hazim: the rogue sim thing + requestxfer
[8:51:30 AM] : What was he able to download?
[8:51:34 AM] hazim: anything on the computer
? The Alphaville Herald
-- end quoted
Beside usual drama would have with voice on sim, this is reason enough to never use it, to NEVER use emerald and to clean from your computer NOW if foolish enough to continue using. Maybe you not have dime and not matter but if you have money and bank account linked to it is foolish to trust script kiddies. I not want see you wake up one day to find someone overnight raided banks around the world. That is kind of news you not want to be part of.

2 comments:

  1. If you haven't heard, LordGregGreg has released an earlier version of Emerald. One where he knows where all the code comes from, promising us nothing malicious.

    The new viewer is called Emergence. If you like using Emerald then you should move to this client.

    Windows only, no Mac client yet.

    http://code.google.com/p/emergence-viewer/

    ReplyDelete
  2. I agree Maggie, Was going to delete post as is really none of my busines what others do, just alarmed me lots. SO everyone can take risks as thy are grownups. It not my place to make announcment as this. So post stays or now.

    ReplyDelete