E-Commerce News: Gaming: Second Life Target of Self-Replicating Worm

Second Life Target of Self-Replicating Worm

By Erika Morphy
TechNewsWorld
Part of the ECT News Network
11/21/06 3:50 PM PT

A self-replicating worm dubbed "Grey Goo" forced the shutdown of the virtual community Second Life after the worm's creators claimed to spin rings of gold, duping players who interacted with it into spreading the malware throughout the virtual environment. "The worm dropped into Second Life is a 'Grief Bomb,'" Rob Enderle, principal analyst at the Enderle Group, told TechNewsWorld.

How Much is 'Free' Costing You?
Learn how DaveRamsey.com saw a 567% uplift in ROI with Omniture. This complimentary guide and webinar cover the most important factors in selecting an analytics solution. Download Now.

Talk about art imitating life. A self-replicating worm dubbed "Grey Goo" has caused the virtual community Second Life to shut down at least once, according to the site's owners, Linden Life. Within the Second Life virtual environment, Grey Goo's creators claimed to spin gold rings, and unwitting players interacted with them to spread the malware further.

"This was basically a proof-of-concept worm that only self-replicated using the scripting features inside Second Life," explained Stefan Savage, a professor of Computer Science and Engineering at UC San Diego and a computer security/worm/virus expert. "They have filters that try to prevent this kind of self-replication, but evidently the author found a hole in them," he told TechNewsWorld.

A 'Grief Bomb'

Given that it only affected Second Life users' game time, it was not as destructive as some worms have been. Also, Grey Goo does not appear to have been financially motivated -- that is, it didn't try to phish or otherwise steal personal financial data from users. Nonetheless, players were rattled by the interruption -- which was likely the whole point, says Rob Enderle, principal analyst at the Enderle Group.

"The worm dropped into Second Life is a 'Grief Bomb.' This kind of an attack's sole purpose is to mess up the game" and get those that play and maintain it upset, Enderle told TechNewsWorld.

Targeting Web 2.0

Even though it was a relatively benign occurrence as worms go, Grey Goo is worth noting, as it may be only the first of this type of malware to come, warned Roger Thompson, CTO of anti-exploit software vendor Exploit Prevention Labs. "Increasingly, as we move [toward] Web 2.0, [and] with applications like MySpace or YouTube becoming commonplace, I think we will see more worms targeting these communities," he told TechNewsWorld.

Until the next YouTube or MySpace becomes apparent, however, virus writers are likely to focus on virtual communities like Second Life. If the real world is any guide, a proof-of-concept worm is likely to be followed with one that has a genuine payload.

Users of these virtual communities should start taking the necessary precautions if they haven't been already, Randy Abrams, director of Technical Education, ESET, told TechNewsWorld.

The Payload Next Time

"Second Life may be a virtual world, but real dollars are being exchanged. This creates some pretty strong motivations. In the case of Grey Goo, theft doesn't appear to be a motivation. However ... it would have been fairly easy to add a payload if the author had so desired," he said.

The worm's appearance shouldn't have been a surprise, Rob Graham, CEO of Errata Security added, as most popular online games have had similar worm-replication problems.

"One exception is the game 'World of Warcraft,'" he told TechNewsWorld. "It's not because they have smarter programmers, but because its creator had already been burned by replication bugs in its previous game called 'Diablo.'"

Programmers in the gaming industry are still coding in a negligent manner, Graham concluded. "We will continue to see such problems in online games in the coming years."

Next Article in Gaming

Nintendo's Wii: Can It Compete?
November 20, 2006

Nintendo launched its new Wii game console this weekend, but whether it's sufficiently armed to compete with Sony's Playstation 3 and Microsoft's Xbox is still an open question. The Wii's major distinction -- its innovative remote controller -- is an intriguing offering. However, the Wii "is not a groundbreaking development" overall, Yankee Group analyst Mike Goodman said.

More by Erika Morphy

Cisco Adds New Technologies to Collaboration Tool Chest
November 09, 2009

Cisco has launched new collaboration tools designed to make it easier for businesses to work closely with their partners without creating security risks. They also provide a receptive platform for the increased use of video and social media in the enterprise. Cisco introduced three new network devices to support the collaboration tools.

Windows 7 Flies Off the Shelves
November 06, 2009

Early sales figures on Windows 7 boxed software suggest a high level of consumer enthusiasm for the OS. Unit sales were a whopping 234 percent higher than Vista's out of the gate. The revenue haul was not as impressive, as Microsoft offered sharp discounts to spur presales. Also, sales of PCs with Windows 7 preinstalled have been lackluster -- but October is historically a weak month for PC sales.

Southwest Doesn't Fool Around
November 06, 2009

Either Southwest Airlines had better deals for my favorite route than its competitors or its superior Web site tools made it easier for me to ferret them out. Either way, kudos to Southwest. In the not-so-hot department were the airline's long list of what passengers weren't allowed to do and its very short list of what Southwest was obliged to do for them. Left me feeling a little chilly.

[Search More...]

MySpace	Activate Alert \| Search Archives

YouTube	Activate Alert \| Search Archives