When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

QuickTime hack allows Second Life currency theft

Security researchers Dino Dai Zovi and Charlie Miller have found a way to exploit an unpatched QuickTime vulnerability to steal Linden Dollars from users in the Second Life virtual world.

Dai Zovi (the hacker behind the CanSecWest MacBook Pro hijack) and Miller (creator of the first iPhone code execution exploit) cooked up the QuickTime/Second Life attack during an investigation of the security of online games.

It works against QuickTime 7.3 (the latest) and Second Life 1.18.4(3)."All the victim has to do is have video enabled and enter a piece of land owned by the attacker," Miller said, noting that any Second Life player wandering near the attacker will have their pockets picked and then yell "I got hacked!"

View: Full Article @ ZDNet Zero Day

Report a problem with article
Next Article

Office 2007 Service Pack 1 Release to Web Tuesday 11th Dec

Previous Article

MPAA's University wiretapping product taken down

Join the conversation!

Login or Sign Up to read and post a comment.

5 Comments - Add comment