Home > slashdot > Owning Virtual Worlds For Fun and Profit

Owning Virtual Worlds For Fun and Profit

August 18th, 2010 08:24 admin Leave a comment Go to comments

Trailrunner7 writes “Threatpost has a guest column by security researcher Charlie Miller on the ways in which attackers can easily take advantage of vulnerabilities in virtual worlds and perhaps online games to get control of other players’ characters and avatars and even cash out their real-world bank accounts. From the article: ‘It turns out that Second Life uses QuickTime Player to process its multimedia. When I started looking into virtual world exploits, with the help of Dino Dai Zovi, there was a stack buffer overflow in QuickTime Player that had been discovered by Krystian Kloskowski but had not yet been patched. In Second Life it is possible to embed images and video onto objects. We embedded a vulnerable file onto a small pink cube and placed it onto a track of land we owned. No matter where the cube was, if a victim walked onto the land and had multimedia enabled (recommended but not required), they would be exploited. The cube could be inside a building, hovering in the air, or even under the ground, and the result was the same.’”

Source: Owning Virtual Worlds For Fun and Profit

Related Articles:

  1. FTC Says Virtual Worlds Bad For Minors
  2. Aussie Police Probe Virtual Worlds For Money Trail
  3. Intelligent Thimble Could Replace the Mouse In 3D Virtual Reality Worlds
  4. Intelligent Thimble Could Replace the Mouse In 3D Virtual Reality Worlds
  5. Intelligent Thimble Could Replace the Mouse In 3D Virtual Reality Worlds
blog comments powered by Disqus
YOYOYOOYOYOYO