Slashdot Mirror

← Back to Stories (view on slashdot.org)

Second Life Hit By Massive In-Game Worm

Posted by ryuzaki0 on from the don't-touch-that-ring dept.

An anonymous reader writes, "At 2:46 CST today, the game Second Life was hit by a massive attack by a rogue programmer. Spinning gold rings began to appear in the air and on the ground, and as users interacted with them they began to chase and replicate. Apparently, most people are willing to touch an object they've never seen before and this invoked a worm script that was designed to multiply and spread across the 2,700+ servers run by Linden Labs in California, the game's owner. Many of the six hundred thousand active users experienced serious lag and lost connectivity to the servers, making it one of the largest known denial-of-service attacks in an online game. Linden Labs had to invoke martial law and lock out all logins by users except their staff as they began the task of cleaning the servers of what they began to term 'the grey goo.'" Comments in the SL blog entry indicate that Linden Labs had already deployed a "grey goo fence" before this worm struck, but someone found a hole in it.

12 of 249 comments (clear)

  1. Not just misleading, but factually inaccurate too! by GuruBuckaroo · · Score: 5, Informative

    First off, there were only about 14,000 people on the system at the time, not 600,000 as indicated in the summary. Second, while they did lock out new logins, it should be pointed out that any user who was currently online was not kicked off - and the period of "martial law" lasted about 20 minutes.

    Of course, if there were 600,000 users on at the same time, the "game" would be unplayable - it's tough enough when it gets over about 10,000 right now.

    --
    Poor means hoping the toothache goes away.
  2. Re:Someone please explain by GuruBuckaroo · · Score: 5, Informative

    Calling it a 'worm' is kind of a stretch. It does not affect your local computer, it affects the view of the world in your local client. It doesn't run code on your computer, it just adds extra "in-game" items that automatically duplicate themselves and clog the Tubes.

    --
    Poor means hoping the toothache goes away.
  3. Second Life needs a new name by TekPolitik · · Score: 1, Informative

    Linden Labs had to invoke martial law...

    Some people seriously need to get a grip. This is all ones and zeroes - comparisons with "martial law" are just silly. Second Life needs to be renamed to give its users a much needed message - namely, Get A Life

  4. This one wasn't much to write home about afaict by ka-klick · · Score: 2, Informative

    I was online when this thing was attacking, and it never seemed to get to my sim - I saw the notices, and the web notice that they'd locked things down to linden login, but they let anyone there stay. It was laggy, but that's not that unusual these days. At least with this one, the grid was never fully down (if you were already in or didn't get booted) and the Lindens were able to contain and clean it up pretty quick (unlike some of the marathon outages caused by goo of the past). Total offline time for this one was about 1/2 hour.

    A clarification - even if there are currently ~600k active user accounts there are usually only ~10K or so online any given time of day.

    Anyway, I'd say the overreaction to copy bot did more damage to SL as a whole than this thing did.

    Yawn.

    --

    MSRP - Tax, Title & Licence Extra Your Milage May Vary

  5. Re:Someone please explain by DarkAxi0m · · Score: 5, Informative

    every object you create in SL can have scripts http://en.wikipedia.org/wiki/Linden_Scripting_Lang uage added to them, that fire on different events, ie touch, never ending loops or the right click menu etc.
    some of the commands let you create/spawn (i cant think of the word they use) other objects, like rain, or stars that follow you as you fly around. These objects in turn can have there own scripts too.
    i don't know my self how they normally stop never ending loops of created objects other than them asking people nicely not to do it.
    Some people have asked to able to disable the scripts but this, i think would have a to greater effects as every thing, doors, cars, lifts, dance club lights etc use the scripts.

    i don't mind it, as long a people remember that its really just a glorified chat program with scripts, ie irc with a gui /fish

  6. Re:Someone please explain by Anonymous Coward · · Score: 5, Informative

    Huh? By definition a worm is a self replicating program or algorithm that causes harm, even if only by using bandwidth, network, or computer resources.

    That is exactly what this worm did.

  7. Re:Screenshots? by Erazmus · · Score: 5, Informative

    I found a screenshot over at Snapzilla.

    --
    BroadbandPig
  8. Re:And it was just getting good by Rob_Warwick · · Score: 2, Informative

    Turing complete refers to a language that's capable of emulating a Universal Turing Machine. It has nothing to do with the Turing test except for who it's named after.

  9. dumbest slashdot story ever by pmonje · · Score: 2, Informative
    Did anyone read this before posting it? the figure of 600,000 was pulled out sof someones butt. I have never seen more than 25,000 people on SL. It's certainly not the largest denial of service in the game, in fact script attacks like this happen almost weekly in SL and always involve cutting off new log ins. I've never heard them use the term martial law and the supposedly new term grey goo has been used for months and months in realtion to these self replicating object attacks. The in-game scripting makes this sort of attack childs play. This attack is barely news even within SL. Even a cursory glance at the page linked will tell you all of this, but apparently not even the posters read their own links now. I think I'll start submitting random weather reports to slashdot, I'm sure some of them will slip through slashdots crack staff and be posted.

    on a related note, why can't we moderate stories as "-1 posted by an idiot"?

  10. Re:PR Stunt? by joshv · · Score: 2, Informative

    Really? Are you suggesting they made it up. I was there, it happened.

  11. An abridged history of SL DoS attacks by tony_ratboy · · Score: 3, Informative

    This latest attack isn't the newest or most severe Second Life has experienced. In October 2006, a glut of attacks followed a vague "terrorist" threat uttered by self-replicating objects. In April 2006, three major attacks took place. Almost a year ago today, Linden Lab blocked a DoS attack by deploying a giant virtual firewall in-world, but I don't think that method is still used. Linden Lab had suggested earlier this year it would bring DoS attackers to the attention of law-enforcement agencies, but the results (if any) have not been publicized.

  12. Please by Anonymous Coward · · Score: 1, Informative

    Sorry I don't have an account here, but that's ok :) I am Traven Sachs in Second Life, and I run Wolfhaven Productions, a Second Life based business. For those of you who don't know - Second Life is a 3D Virtual world with a contiguous 'grid' of 'regions' (think counties) we call "sim's" (short for simulator). A person can literally 'walk' from one side to the other... takes a while, but oh the sights you'll see! In any event, objects and items created in-world by someone can be 'scripted' or programmed by the creator to DO different things. Sometimes the programming added to items can be set up to do malicious things like create a self-replicating device that runs amok and complete out of control. The same programming could be used to make self-spawning CONTROLLED objects as well that are by no means malicious. You might say at this point... well - if it can be used to do harm like that, why leave it at all? Because MOST folks interacting with Second Life are responsible individuals that are there to enjoy themselves. The creators of Second Life have been improving the in-world controls over the past year to help prevent malicious attacks and code from spreading and downing the grid. Some will point out that the grid WAS down. Actually it wasn't... It was Closed to NEW logins... but anyone already in-world was still there, including the clean-up crews. The grid didn't go down... folks just had to wait in line until they swept the theater clean of refuse (so to speak). :-) Now, on a final note let me point something out... I have been in Second Life since September of LAST year (2005). The first 'grid attack' I experienced downed the grid completely for HOURS and caused major amounts of content to be deleted in-world... entire buildings and structures just 'vanished' before my eyes (just before I was kicked off).... Now, we have a grid attack, and 9 times out of 10, most residents who are currently logged IN to Second Life may not even be AWARE one is happening, because the clean up crews at Linden Labs have developed ways to stop them that much quicker. Not perfect, but... FAR better than it used to be.... and STILL improving. :-) If you want to know more about Second Life, check out http://www.secondlife.com/. :) With warmest regards, I remain ~Traven Sachs Wolfhaven Productions http://www.wolfhavenproductions.com/