Spammers are disseminating a new illegal SL client under my name [UPDATED AGAIN]

Hi! If this is the first time you’re visiting my blog, you’re probably looking me up because you received a spam notecard announcing a new SL client, “Neil Life”, which allegedly has a lot of illegal features — among these:

reenabled control alt shit t like cool viewer to get texture uuids plus mine also grabs sculpt ids. But Please respect permissions.

Modified the copybot patch but still please respect permissions.

You should be thrice warned. First, the spammers are using notecards (apparently translated in several languages; I got one in Portuguese) that bear my name as owner. They very likely got one notecard from me with full perms (there are so many around…), changed all the text, and send them to others from objects called “Gwyneth Llewelyn”. That’s as far as I’ve been able to track down; from there on, stopping the “chain letter” effect of people circulating those notecards is very hard. So far, I haven’t been able to find someone proficient enough with Second Life that managed to figure out the location of the spamming object, so that it can be reported to Linden Lab, deleted, and the owner of it permabanned for violating the Linden Lab Terms of Service for Second Life (impersonating another user; spamming/chain letter; distributing a tool that violates the Terms of Services regarding illegally modifying other users’ content without their permission).

Secondly, this notecard will point you to a link on 2shared.com, where you can download a RAR file which contains a Windows-compiled version on this so-called “Neil Life” SL client (mentioned on 2share.com as “Client with copy and permission change functions.”), with the full source code. 2shared.com got an abuse report from me, but, at the time of writing this post, they haven’t deleted the RAR file yet (they seem to host these files completely anonymously and probably ignore all abuse reports). So people are still downloading it (8 downloads since my last visit there). Do not download this file (specially if you have a Windows computer). Even if it shows free of virus, anyone who creates an illegal SL client really doesn’t stop at that. It might, just like the infamous vLife, simply steal your password — you’ll never notice it until one day you log in with another client and see your L$ have disappeared (and if you’re a content creator, it’s highly likely they will steal your content too, if they caught your password). I have not audited their code, since I don’t have enough experience to do that.

And thirdly, more important for me, I have absolutely nothing to do with either “Neil Life” or anyone currently spamming other users with notecards bearing my name. Most of these notecards are quite old, possibly even from 2004 or 2005, from a time where nobody thought of spamming other users with fake identities. I’m just a victim too.

I should say that my abuse report to Linden Lab (#1606110) might probably be ignored since I couldn’t identify either the creator of the spam item or of the “Neil Life” software. So I’d naturally appreciate if anyone gets the notecard, or any information related to the creators of the illegal software, and report it to Linden Lab as well, or, if you prefer, to let me know so that I can follow up on my own reports.

Thanks so much for your understanding.

[UPDATED] A friend of mine, who prefers to remain anonymous to make sure she doesn’t attract the anger of trolls, has managed to get 2shared.com to stop distributing this file. So at least, for now, the notecard will be pointing to a wrong link, which will reduce the number of downloads (23 at the last count).

Unfortunately, the file is also available on BitTorrent, and it’s going to be way harder to stop that.

On the other hand, I’m very grateful for the many popular in-world groups who have been sending out phishing warnings about this new client through the notices. Many, many thanks to you all! You’re all awesome!

Thanks for the re-tweets, re-Plurks, and all the effort made in disseminating the warning. The only thing I fear is that people with malicious intentions are now very aware of the existence of this SL client… but, alas, that’s always the problem when you expose security issues in public.

[UPDATED AGAIN]

Some of the warnings being spread in many groups inside SL are not properly worded, and, although they correctly point out that people should never download this “Neil Viewer” mentioned in the notecard, they also tend to imply that I’m somehow the creator of this viewer…

So, yes, the warning is correct in one regard: do not download the viewer.

But the real creator of this “Neil Viewer” seems to be one Neil Elton, who posted on the Official Second Life Wiki the description of something he calls “Emerald Neillife Viewer” which has pretty much the same functionality described on the notecards. Thanks to Zai Lynch for this incredible performance in digital sleuthing! While everybody is innocent until proven guilty, I’ve dutifully reported Neil Elton to Linden Lab, and it’s now up to them to talk with this guy to see if he really is the author of the “Neil Viewer” and of the modified notecards being spread around bearing my name as creator.

Many thanks to Hamlet Au who posted a warning on New World Notes.

Sadly, there are more similar viewers around. Kabalyero Kidd has written an article about another viewer with built-in copybot functions. While one might argue that copying content is technically impossible to prevent, it’s also true that Linden Lab has been way more aggressive with anyone using these kinds of tools — and, on the other hand, these viewers tend merely to be phishing tools. Again, I haven’t examined the code of any of them in detail (as said, I have not enough experience to do so!), but we all remember the drama with vLife some months ago…

About Gwyneth Llewelyn

I'm just a virtual girl in a virtual world...

6 Pingbacks/Trackbacks