Got a couple of articles I plan on doing soon regarding a couple issues on the grid but until then.....
Recently there has been a scam going on, I heard rumors of it and a very specific URL, but theres always some sort of scam going, but however I hadn't even realized how big this one had gotten until a friend of mine got hit by it!...and had their account hijacked.
anyhow a scammer or group of scammers have recently been using free web-hosting websites that get you a free webpage, their URL is designed to be disguised as secondlife marketplace by cramming "secondlifemarketplacee" where you normally see the www, in a URL followed by the URL of the webhosting service such as my3GB.com with various address extensions.
Anyhow not only are they trying to get you to login to their website using your secondlife login and password, but they are harvesting passwords too and logging into the accounts of those whom they have hijacked the accounts of and asking people to do stuff like look at a specific item and not say what it is, but its like ooh you gotta login and see this!... the problem is their messaging people in the friends list of the hijacked account, so messaging from people you may trust! so if the URL looks suspicious but it came from a friend... chances are your friends had their account hijacked and have fallen for this scam... don't fall for it too.
Anyhow safety first before clicking any sort of link on secondlife, emails, or chat applications, you should always look to see where the URL goes too... you should also be familiar with what websites linden labs officially uses for secondlife, last I checked, My3GB.com was not one of them
Anyhow secondlife marketplace is located at https://marketplace.secondlife.com/ if the Main URL varies any from that chances are its a scammer trying to harvest data and it might not be your friend logged into that account!
Update:
A similar article is on SLNewser which I encourage readers of this post to read as well as I really feel the incidents are directly related:
http://slnewser.blogspot.com/2012/04/phishing-scams-target-phoenix-firestorm.html
Thursday, March 8, 2012
Saturday, July 16, 2011
Relay for life event going on now
hey I haven't updated in a while while I've been meaning too, today I would like to encourage my readers to stop by the relay sims and light a luminary and make a donation to help in the fight against cancer, never been to a relay event in SL before? load up secondlife and type RFL in the map search and visit one of the many sims, walk the track and come see the displays setup donate if you got the L$'s and help support the fight against cancer.
Friday, March 18, 2011
Redzone 4 life group
Well it appears zfire xue slipped an alt by the lindens ban against him found a group titled "Redzone4Life" ran by a new account that goes by the name "Redzone4Life resident"
did a search on the group when I heard about it and in the group info it sais:
"Silently we stand in protest to the lie and accusation of Greenzone and their cyber terrorist ways of griefing sims, making sim owners lose business.. TOS VIOLATION!! PRIVACY INVASION!!"
the group barely has any membership, but I think the above wording sounds familiar, given that looking at the patterns and their writing style I think its pretty damned obvious who it is, and then the further spouting of false bullshit makes it even more obvious.
They accuse us of being cyber terrorists but, their the one that made the system that hunts down users and bans those they deem as undesirables falsely as copybot users and mass bans users with shared service such as college users and those from the UAE, and post up websites like the knights of mars website mentioned in a previous post which specializes in account intrusion and cancellation, ToS violation? were not the ones violating section 8.3 of the ToS which sais not to post spyware to the system, also a privacy violation? again were not the ones posting spyware.
and further on as their group states in itself... nuff said
This zf redzone stuff is full of shit and way out of hand and needs to go away, and as we can see zFire Xue is just simply banned from the system where he can go on to create new accounts, again the person behind redzone needs to be arrested and prosecuted to the fullest extent so again like in the previous post, I encourage you people to file a complaint against him with the IC3
http://www.ic3.gov/default.aspx
did a search on the group when I heard about it and in the group info it sais:
"Silently we stand in protest to the lie and accusation of Greenzone and their cyber terrorist ways of griefing sims, making sim owners lose business.. TOS VIOLATION!! PRIVACY INVASION!!"
the group barely has any membership, but I think the above wording sounds familiar, given that looking at the patterns and their writing style I think its pretty damned obvious who it is, and then the further spouting of false bullshit makes it even more obvious.
They accuse us of being cyber terrorists but, their the one that made the system that hunts down users and bans those they deem as undesirables falsely as copybot users and mass bans users with shared service such as college users and those from the UAE, and post up websites like the knights of mars website mentioned in a previous post which specializes in account intrusion and cancellation, ToS violation? were not the ones violating section 8.3 of the ToS which sais not to post spyware to the system, also a privacy violation? again were not the ones posting spyware.
and further on as their group states in itself... nuff said
This zf redzone stuff is full of shit and way out of hand and needs to go away, and as we can see zFire Xue is just simply banned from the system where he can go on to create new accounts, again the person behind redzone needs to be arrested and prosecuted to the fullest extent so again like in the previous post, I encourage you people to file a complaint against him with the IC3
http://www.ic3.gov/default.aspx
Wednesday, March 16, 2011
zfire xue gone from secondlife, how you can help keep him away!
not trying to take credit for zfire xues removal but this Tuesday he was removed, the Monday morning before I had filed a complaint with IC3(FBI's Internet crime complaints division) and had cited my own blog and some of the other blogs which gave details on his various violations against your privacy, with this as I would like to give special thanks to no2redzone, greenzone mouthpiece, forceme silverspar, and the many others who protested against these privacy violations sold under the guise of being a security system.
with that said I know its kinda beating a dead horse... but best to make sure its dead, I've decided even though the Lindens have removed zFire Xue, I'm not going to rescind my complaint with the IC3 in case it hasn't been seen, as a matter of fact it might be a good idea to file your own complaints against zfire xue as well and leave your blogs up with the evidence against him they contain, what he did was a pretty serious crime in the first place, and the more info that came out the more serious it obviously was, I'm hoping his removal was FBI crackdown, and I'm hoping he does some jail-time for this(it would certainly keep him out of the hair of the secondlife community for a while), but with the lindens keeping quiet on his removal there is no way to be sure exactly who made the final decision to kick him out the door and what evidence it was that lead to his downfall.
Also thanks to no2redzone blog and others we know he has a criminal record for fraud over ebay... no doubt zfire will be back at it again if he isn't locked up, so even though hes gone, I encourage those who have detailed knowledge of his criminal activity.... file a complaint and help keep him away!
http://www.ic3.gov/default.aspx
with that said I know its kinda beating a dead horse... but best to make sure its dead, I've decided even though the Lindens have removed zFire Xue, I'm not going to rescind my complaint with the IC3 in case it hasn't been seen, as a matter of fact it might be a good idea to file your own complaints against zfire xue as well and leave your blogs up with the evidence against him they contain, what he did was a pretty serious crime in the first place, and the more info that came out the more serious it obviously was, I'm hoping his removal was FBI crackdown, and I'm hoping he does some jail-time for this(it would certainly keep him out of the hair of the secondlife community for a while), but with the lindens keeping quiet on his removal there is no way to be sure exactly who made the final decision to kick him out the door and what evidence it was that lead to his downfall.
Also thanks to no2redzone blog and others we know he has a criminal record for fraud over ebay... no doubt zfire will be back at it again if he isn't locked up, so even though hes gone, I encourage those who have detailed knowledge of his criminal activity.... file a complaint and help keep him away!
http://www.ic3.gov/default.aspx
Tuesday, March 15, 2011
Might be time to celebrate!
Just got a notice in the group "green zone users"
"""
As far as we know, the Redzone devices are no longer "phoning home". We have not heard anything official but there is no longer the need to post redzone places in group chat or talk to parcel owners.
Redzone users are likely confused right now so lets not add to their stress. It appears as though zfire xue is no longer a member of the SL community. We will keep you informaed as we know more. Remember, we are the good guys, ok???
"""
just did a search on him(zfire xue), and his sales associate(theBoris Gothly) their both gone! no longer listed! perhaps kaput!
I would still be cautious around the redzone orbs though.
"""
As far as we know, the Redzone devices are no longer "phoning home". We have not heard anything official but there is no longer the need to post redzone places in group chat or talk to parcel owners.
Redzone users are likely confused right now so lets not add to their stress. It appears as though zfire xue is no longer a member of the SL community. We will keep you informaed as we know more. Remember, we are the good guys, ok???
"""
just did a search on him(zfire xue), and his sales associate(theBoris Gothly) their both gone! no longer listed! perhaps kaput!
I would still be cautious around the redzone orbs though.
Friday, March 11, 2011
Change your password!
I Don't know how many of you watched the phoenix office hours when they announced their release of the media filter feature, but In it they state that they are neutral to redzone, I've always been suspicious of phoenix viewer and Don't use it myself, due to all the fiasco's that happened with Emerald and the retaining of the devs who didn't have their reputation spoiled by the emerald incident, So I've always been cautious about phoenix, So I haven't been considering it for use. anyhow did you feel their statements were neutral? while the speech was made to seem neutral I don't know if the tone was neutral throughout the speech made with stuff like Greenzone attacking redzone users. Greenzone is not an attack group but a protest group so when watching it with friends, I did have some nasty things to say but kept it to myself, however at the end of the speech and the Q&A on phoenix's media filter, they stated that they would be posting further info on the phoenix Blog at http://www.phoenixviewer.com/ there is a post titled "Media Filter" Dated Tue, 08 Mar 2011 that has a statement like this:
"""
I would kindly ask you to not discuss the Redzone debate in our in world support groups or contact our support people in its regard as it cripples our ability to provide support to our users who need it and has nothing to do with our project. Instead, discussions about Redzone should be taken to the Redzone Forums here:http://isellsl.ath.cx/madsci/forum/viewforum.php?f=8&sid=f38c40179f37209231be6a3f63c254eb.
"""
while It's not the intent to criticize phoenix in this blog post unfortunately some needs to be said, back when it was called Emerald I had suggested on their forums adding a media filter support and had to deal with trolls as a result. but the above statement, linking to the ISellSL forums and saying take the discussion here.... that was either Malicious or stupid and suggesting to take the discussion there kind of circumvents a good reason to have the media filter, but anyhow as said before the target of this blog post is not phoenix so I will not go into further detail about it, however when I first discovered redzone, I contacted theBoris Gothly and asked some questions about it as though a potential customer to confirm my suspicions, and then told him that it was a violation of privacy law, he got pissed off and after a while suggested I take it up with a rigged privacy poll they had at the same time, I stated I knew better than to sign up for your forums and why which lead to more bickering and cutting off the conversation but I always found it kind of suspicious that he was so up front about getting me to sign up for their forums to hit their privacy poll...
onto the next subject, back when emerald engaged in datamining they had linked the alt accounts of users within their own database along with IP's and some additional info, While I don't exactly like Alphaville, you can see a list of usernames that they had gathered information on(stripped of the info of course) here:
http://alphavilleherald.com/2010/05/emerald-devs-modular-systems-data-mine-tracks-16740-avatars.html
hit ctrl F if your browser doesn't flip out from huge name list and freeze and search for a name you know or a friend you may be concerned about but look at this too, search for linden, they've gathered data on the Lindens too, while Lindens can make themselves invisible to scripts, this isn't an always on functionality as they have managed to gather up info on various lindens
Well now as of Late and onto the point.... I got another link the other night:
http://no2redzone.wordpress.com/2011/03/10/zfire-xue-admits-he-hacks-sl-accounts/
give it a read through, this is exactly why I thought it would be stupid to sign up for an account on his forums, apparently one of those videos you can only display to certain people on youtube, or something of the like was discovered where zfire xue states something about getting into SL accounts.... but onto the point, it's his forum, whatever info you submit, can be viewed by zFire Xue, this includes IP address Forum Username password and anything else you submit, essentially you can sign up with a different name on the forums, and have it linked up to the IP redzone has logged, also apparently according to no2redzone blog zfire xue has been keeping record of the password his forum users use, and passwords that they have incorrectly typed in(we all know some people accidentally enter the wrong password on the wrong service), this way he can harvest the passwords of not only users who re-use passwords between many services, but also people who keep track of many passwords and occasionally enter the wrong one in the wrong service, or enter several passwords until they use the one they signed up for that service with.
what phoenix did, suggesting the argument goes to his forum, its really stupid, and anyone who took the advice, just the same, but now also I think if any redzone users have their secondlife accounts broken into, it serves them right, but with that all said, if there is password theft going on as suggested by no2redzone, how long do you think its going to be until he gets a linden detected by his redzone? bet lindens have alternate accounts, and I bet some of them use the same password between their home account and their work account, and login from both accounts at their home, now think of this, the Lindens on their off hours are like everyone else, hell some probably spend their time in SL doing what everyone else does, and some may even use the forums on the ISellSL website. Honestly, I think with Linden Labs turning their head up at the redzone issue by not banning zFire xue and theBoris Gothly, and the few others who have created spyware services like them, I think it's only a matter of time until someone gains administrative access who shouldnt have it, and I say this from personal experience. when setting up a network for a school 90% of the users of that network, used the same password in regards to every account it involved, and 90% of those users had obvious and easy to guess passwords, hell some users even had the same password with the teachers using obvious school supply related passwords.
Moral of the story...
Use a different password for everything! If you Accidentally type a password you use for something else into the wrong service, consider your account compromised and change your password!
EDIT:
Just got this link thought maybe everyone reading this should see:
http://alphavilleherald.com/2011/03/zf-redzone-security-breached-sl-passwords-compromised.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+AlphavilleHerald+%28Alphaville+Herald%29
EDIT+:
From:https://jira.secondlife.com/browse/VWR-24746?
WARNING:Potentially dangerous URL below
Google cache of "Knights of Mars" FAQ page: http://webcache.googleusercontent.com/search?q=cache:uhxAnqgoaDwJ:knightsofmars.com/kom/faq.php+knights+of+mars+faq&cd=1&hl=en&ct=clnk&gl=us&client=firefox-a&source=www.google.com Note second item where it admits it violates SL TOS.
Now check out this photo of an error on that site: http://www.sluniverse.com/php/vb/attachments/general-sl-discussion/18823d1299953237-redzone-epic-thread-part-deux-zfirekom.jpg Note isellSL domain, which is also the host for RedZone.
@Unya Tigerfish - There's your confession.
EDIT++: added Note "Knights of Mars" URL is potentially dangerous
Kinda makes me wonder if zfire xue has already intruded on a linden account
"""
I would kindly ask you to not discuss the Redzone debate in our in world support groups or contact our support people in its regard as it cripples our ability to provide support to our users who need it and has nothing to do with our project. Instead, discussions about Redzone should be taken to the Redzone Forums here:http://isellsl.ath.cx/madsci/forum/viewforum.php?f=8&sid=f38c40179f37209231be6a3f63c254eb.
"""
while It's not the intent to criticize phoenix in this blog post unfortunately some needs to be said, back when it was called Emerald I had suggested on their forums adding a media filter support and had to deal with trolls as a result. but the above statement, linking to the ISellSL forums and saying take the discussion here.... that was either Malicious or stupid and suggesting to take the discussion there kind of circumvents a good reason to have the media filter, but anyhow as said before the target of this blog post is not phoenix so I will not go into further detail about it, however when I first discovered redzone, I contacted theBoris Gothly and asked some questions about it as though a potential customer to confirm my suspicions, and then told him that it was a violation of privacy law, he got pissed off and after a while suggested I take it up with a rigged privacy poll they had at the same time, I stated I knew better than to sign up for your forums and why which lead to more bickering and cutting off the conversation but I always found it kind of suspicious that he was so up front about getting me to sign up for their forums to hit their privacy poll...
onto the next subject, back when emerald engaged in datamining they had linked the alt accounts of users within their own database along with IP's and some additional info, While I don't exactly like Alphaville, you can see a list of usernames that they had gathered information on(stripped of the info of course) here:
http://alphavilleherald.com/2010/05/emerald-devs-modular-systems-data-mine-tracks-16740-avatars.html
hit ctrl F if your browser doesn't flip out from huge name list and freeze and search for a name you know or a friend you may be concerned about but look at this too, search for linden, they've gathered data on the Lindens too, while Lindens can make themselves invisible to scripts, this isn't an always on functionality as they have managed to gather up info on various lindens
Well now as of Late and onto the point.... I got another link the other night:
http://no2redzone.wordpress.com/2011/03/10/zfire-xue-admits-he-hacks-sl-accounts/
give it a read through, this is exactly why I thought it would be stupid to sign up for an account on his forums, apparently one of those videos you can only display to certain people on youtube, or something of the like was discovered where zfire xue states something about getting into SL accounts.... but onto the point, it's his forum, whatever info you submit, can be viewed by zFire Xue, this includes IP address Forum Username password and anything else you submit, essentially you can sign up with a different name on the forums, and have it linked up to the IP redzone has logged, also apparently according to no2redzone blog zfire xue has been keeping record of the password his forum users use, and passwords that they have incorrectly typed in(we all know some people accidentally enter the wrong password on the wrong service), this way he can harvest the passwords of not only users who re-use passwords between many services, but also people who keep track of many passwords and occasionally enter the wrong one in the wrong service, or enter several passwords until they use the one they signed up for that service with.
what phoenix did, suggesting the argument goes to his forum, its really stupid, and anyone who took the advice, just the same, but now also I think if any redzone users have their secondlife accounts broken into, it serves them right, but with that all said, if there is password theft going on as suggested by no2redzone, how long do you think its going to be until he gets a linden detected by his redzone? bet lindens have alternate accounts, and I bet some of them use the same password between their home account and their work account, and login from both accounts at their home, now think of this, the Lindens on their off hours are like everyone else, hell some probably spend their time in SL doing what everyone else does, and some may even use the forums on the ISellSL website. Honestly, I think with Linden Labs turning their head up at the redzone issue by not banning zFire xue and theBoris Gothly, and the few others who have created spyware services like them, I think it's only a matter of time until someone gains administrative access who shouldnt have it, and I say this from personal experience. when setting up a network for a school 90% of the users of that network, used the same password in regards to every account it involved, and 90% of those users had obvious and easy to guess passwords, hell some users even had the same password with the teachers using obvious school supply related passwords.
Moral of the story...
Use a different password for everything! If you Accidentally type a password you use for something else into the wrong service, consider your account compromised and change your password!
EDIT:
Just got this link thought maybe everyone reading this should see:
http://alphavilleherald.com/2011/03/zf-redzone-security-breached-sl-passwords-compromised.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+AlphavilleHerald+%28Alphaville+Herald%29
EDIT+:
From:https://jira.secondlife.com/browse/VWR-24746?
WARNING:Potentially dangerous URL below
Google cache of "Knights of Mars" FAQ page: http://webcache.googleusercontent.com/search?q=cache:uhxAnqgoaDwJ:knightsofmars.com/kom/faq.php+knights+of+mars+faq&cd=1&hl=en&ct=clnk&gl=us&client=firefox-a&source=www.google.com Note second item where it admits it violates SL TOS.
Now check out this photo of an error on that site: http://www.sluniverse.com/php/vb/attachments/general-sl-discussion/18823d1299953237-redzone-epic-thread-part-deux-zfirekom.jpg Note isellSL domain, which is also the host for RedZone.
@Unya Tigerfish - There's your confession.
EDIT++: added Note "Knights of Mars" URL is potentially dangerous
Kinda makes me wonder if zfire xue has already intruded on a linden account
Monday, March 7, 2011
SL Viewer Survey
Just a couple nights ago I got a viewer survey, but the survey got me thinking about my viewer, and while answering the question I realized the benefits of using a Third Party Viewer were even better than I had ever thought, Anyhow the survey I got asked a lot of good questions, and just today a friend of mine passed it around to me so obviously this thing is getting around pretty good, but why not take the survey and share your opinion about the viewer you use.
http://www12.georgetown.edu/students/lsh25
http://www12.georgetown.edu/students/lsh25
Subscribe to:
Posts (Atom)