Monday, November 19, 2007

Multiple SL banks rocked by 3.2 million L$+ heist from ATM scripting vulnerability.

I logged on to another bank failure looming on the horizon this morning in Second Life. The problem with the SL financial community is there is a notable lack of testing of the security of ATMs before their implementation, and some of the banks tend to find out about their weaknesses after the fact. Well, this appears to be the unfortunate case with LNL. They thought their ATM secure, deployed it, and now they're 3.2 million dollars down the gutter with an alleged hacker(s) heisting 3.2 million from their systems.

One of these days the banks will learn to keep balances in separate avatars and use monitoring scripts to move money around to prevent abuses. The world of "I can withdraw as much as I want when I want" really needs to go; it's not realistically feasible in this environment and poses a massive security vulnerability.

Of greater concern, Lindsay Druart stated that JTF/CAPEX's ATMs are programmed by the same programmer. However, I wish to note that JTF (the bank) has been around since before this exchange or even LNL existed. I do not believe most of their programming is by the same programmer and highly doubt that the same vulnerabilities exist, but it's still a concern, since the one that Lindsay has claimed did their programming, Unoti Quonset, is also the programmer of the Second Life Capitol Exchange, or SLCAPEX. Unoti has contested the claims that he is the direct programmer of LNL/JTF/SLCAPEX; you can see his statement in the comments and the response of Lindsay Druart.

I think we just need to get a clarification from CAPEX as to who did their main bank and withdrawal programming. This said, it did unnerve me to see Unoti Quonset at the ATM at the same time we were having this conversation. I'm not sure of his role in all of this outside of programming, but it was rather questionable. Perhaps just bad timing... I hope. Unoti, if you're out there, I'd really like to see your response to the claims being made; you more than anyone should know how your programming works. I'd also like someone to tell me how one "hacks" an ATM that operates on text entry commands. Based on my understanding of programming it'd be almost impossible to do unless the coder left back door commands in the system. Unoti Quonset has since contested these statements, saying he had nothing to do with the coding of either CAPEX or LNL. Given the expanse of the potential banks affected, however, I am still nervous about putting my funds into institutions until I see who will pop and who will not.

LNL was not approved on my watch, but under the reins of Investor Allen, who managed most of the deal personally. Investor Allen began to show a very shady history after the sale of his exchange. There was a lot of verbal sparring on the initial listing conditions, but after AVIX was sold to CAPEX things seemed to calm down under the new management and Lindsay was even given a management position briefly for the exchange.

I think it's going to be a while before we get the whole story on who or what is exactly at fault. Lindsay says she's in fervent talks with Linden Labs in an attempt to get concierge assistance on the 3.2 million dollar theft. If they do not intervene it's highly likely LNL will go insolvent. This leaves a big question as to what will happen with the WSE listed LLL. According to this post by Lindsay, there was no exposure to the bank from her own real-estate company; they only had a fraction of cash in there on deposit to use to purchase some new sims. But having your leadership and finances co-mingled can be a messy affair to try to resolve with investors in the courts of public opinion.

Best of luck dealing with Mr. Linden, Lindsay, you're in my prayers.

Appended note: Someone reminded me that a couple weeks back LNL briefly halted trading and their ATMs were removed for reworking. According to their announcement history there is a record of ATM and web page difficulties. I'd like to know who was responsible for the most recent update. They also pointed out to me the growing financial struggles of LNL in the history of the firm.

Given the current crisis I cannot morally maintain the link to their website on this blog. It has been removed from the banks section, but you may view it here for research purposes. Do not deposit at this time if an in world ATM becomes available until further clarification on these incidents is brought to light.

Did I mention this is the second bank collapse and supposed ATM heist that Lindsay Druart has been tied to? The last such collapse occurred on the World Stock Exchange, under a now nonexistent ticker symbol. They took in the customers of that particular event in an attempt to restore what was lost. Supposedly, Lindsay was to be a hero and save those accounts. What now?

Update: Ah, I found a remnant of that old bank through Google. It was the Touchet Group Corporation. I could not find a link back to the actual company symbol. If you note, on the page with the information there, it notes the ticker symbol as (RMV). That's one of WSE's ghost (as in dead) shell (as in rotting husk that no longer exists) companies. It was headed up by the infamous JC Brink. Lindsay got one of their sims from him. And the story was the same for that collapse. Rogue agent, broken ATM coding. I smell a pattern, and regardless of who is responsible it needs to be stopped. Diligence is the responsibility of the bank operator.

Did I mention that when the WSE was hacked, that it also lost 3.2 million linden? If this is the same crook they're walking away with $20,000.00 USD.

For more info on this past failure, visit the following links: Fraud Ghost Hits At SL Banking System, Lindsay Druart, CEO LLL's official account of the TGC incident on the WSE, Taran's TGC investigation.

Has anyone ever heard the phrase, "Fool me once shame on you... Fool me twice..." When do we start seeing CEO accountability for transaction security?

How ironic that LLL is amid a secondary offer on the WSE for just a little more than twice the amount that LNL was breached by, or equal to the sum of supposed thefts against LNL and the WSE combined. What an interesting coincidence. REVISION: Thanks to encouragement in the comment area and the help of Lindsay, I discovered that WSE misleadingly/alternatively mentions the current outstanding shares of the company instead of the outstanding shares in the issue, which can make the issue seem much larger; the actual issue is around 640k. This greatly relieves me, needless to say.

20 comments:

Unoti said...

I did write the code for SLCapex, and LNL, as you well know, Maelstrom. I don't yet know how this happened. I'm researching it now.

Unknown said...

That's a whole lot of pointing fingers you are doing there Mael.

I've talked to Lindsay about an hour ago, and while she was working hard to find out what went on, and how things could be reversed or saved, she took the time to answer my questions and remarks.

In regard to the comment about the "growing financial struggles" of LNLBT, I think differently. Is it wise to pay out 0.1% a day if the bank doesn't make that much? Not if you ask me, so in order to ensure the long term survival, one has to take unpopular decisions and cut back rates. All of this was discussed on Lindsay's blog for everyone to react to, and numerous people did, and the discussion heated up at certain times.

I can only hope that you're blogging all this in the best interest of the market and SL residents, but I can't help but read a bit of personal negative sentiment towards some people involved in LNLBT and LNL.

Disclosure: Investor in LNLBT, LLL and LCA (amongst many other publicly traded stocks on various markets).

Maelstrom said...

I have no negative sentiment for LNL or its staffing. What I do have is a lot of suspicious history, claims and counterclaims on programming that I am sorting.. and an open comment box for folks to help me bring to light the truth of what is happening. I have discovered that the impact of this issue is expanding and that other banks have supposedly been affected.

That said, everything I've posted and linked above is the truth of the history. It is not meant to be a judgment, merely information to be assessed.

Unknown said...

Thanks for that explanation, Maelstrom. I'll be reading the updates on your blog as new developments occur and react when I have anything to add or comment upon.

Lindsay Druart said...

Ok, let's peg this down piece by piece because it seems the Dragon lies.

This is not an alleged hacker. Four banks, currently, were hit with 3 of them taking losses and the other actually returning 1.7 million to Linden Labs.

Also, the ATM has a withdrawal limit fail safe for daily transactions. Mind you, if they use the ATM for the transaction.

JTF/CAPEX and LLBT do run on very similar platforms as JTF was converted when AVIX was purchased.

Unoti was checking ATMs to see if he could find a hole. Common for a coder to do might I add.

LNL was approved on Mael's watch because Mael did the press release about it when I went to IPO. Don't skate out of it Mael.

Our coder and myself are working with Linden Labs to resolve the issue. As I have stated numerous times, the L&L Branded companies are separate and that is why this does not affect any others.

We did not remove ATMs a few weeks back and I did halt trading for a discussion with my shareholders that is located on my blog. We had ATM difficulties at the beginning of the bank and have not had one since Unoti built the system. About a month ago a DDoS attacked our box and we were offline for about 2 hours and back up and running with no issues.

All ATMs have been pulled ANYWAY to not have failed transactions and all depositors have been notified.

And you are damn right I stepped in when Second Life Investment Bank collapsed. I didn't want people to lose money. I have worked diligently for my depositors then and I will still do it now. I don't have to sit around and flame people, Mael.

Second Life Investment Bank went bankrupt because Linden Labs took 150% of stolen lindens that were deposited as per their TOS. That bank was not hacked so there is no stinking pattern. This is NOT what happened here.

The L&L Credit Reporting Agency IPO is for $1,250,000 which is escrowed at WSE and the L&L Rentals and Sales secondary was for $1,500,000 of which $684,484 of that has NOT been issued. Last time I checked, that does not add up to 6.4 million as the dear dragon is suggesting.

So to end this post as I have taken off both my jobs today to plug through this....

Fuck you, Maelstrom and go to hell.

Have a pleasant day.

Maelstrom said...

A couple minor corrections.

I did the press release, but I wasn't in on the approval process. That's one of the few Allen over-rode me upon.

Hell Lindsay, I'll even admit I bought your stock at IPO.

Yes, it is an alleged hacker, until it is a hacker discovered and in shackles.

No, the dragon doesn't lie, but he does look into research and related information and he's sorry how it looks and that you're pissed off about it. I can't blame you, but I cannot hide facts either. That'd jeopardize my morality.

Thank you for the corrections and your explanation of what is occurring. I hope you have a nice day too and I wish you the best of luck finding a resolution for this situation.

Maelstrom said...

As for the LLL ipo, do you not agree that right now..

LLL 2,652,036 is being issued..

340k some of it is still up for offer at 2.00/ share?

If so.. what is 2,653,036 x 2 plus your credit reporting agency issue?

I'm sorry Linds, you can't just count the public issue for capital raised, stock markets don't work that way. You still have the right to possibly obtain as much as 5 million or more in value from that issuance.

Lindsay Druart said...

That is the total with the shares that were already there you nitwit! LLRS had 2.24 million shares already issued before the secondary. The secondary was for 750k shares. You are a bumbling idiot and I wish you would ask questions before attacking people.

Anonymous said...

Mael,

The expression pot, kettle, black comes to mind.

CB

Maelstrom said...

Ah, okay, I see now. The 2.5 million is already out there as part of LLL, but the 340k is the new issue. I wish WSE made better clarifications that that was existing OS.. not OS being issued.

Anonymous said...

JC Brink = Lindsay = new hacker

watch for someone to spring forth and save this heist too. only to repeat in 3 months.

or maybe lindsay will use lll / lcl to save lnl to the demise of shareholders and benefit of herself. there's a pattern of her fucking shareholders to make a dollar, while crying "i'm the good one"

/me remembers her using lnl funds to create lcl, then trying to ipo lcl separately at the wse, without any credit to lnl shareholders. which would be great for her, bad for lnl.
this was corrected, but the attempt was made and not forgotten.

i wouldn't be surprised if lnl does fail, and in a month or two when we forget about it, lindsay somehow manages to "put all of her RL funds in" for another growth spurt.

holy hell, that reminds me... didn't lindsay put a bunch of money into an ing RL account for the company? shortly after JC Brink stole a lot of cash.

Anonymous said...

That last insignificant comment from 'anonymous' should be deleted. Reading it was a complete loss of time. This virtual board would be put to better use by us giving full support to Lindsay and offering our assistance if needed.

Anonymous said...

Oops - forgot to sign. Indeed, when you don't slander, you don't need to hide, do you?

Valerian Dryke

Maelstrom said...

It's either freedom of speech or no-post nazi. I prefer it this way.

Unknown said...

What is lcl? Are you referring to the Credit Reporting Agency? LLCRA is the correct abbrev. (has sometimes been referred to as LLCA however). Let me point out that each of the 3 L&L businesses run separately from each other. Separate avatars to hold the cash (none of which are personal avi's I'll point out), separate financial books, shall I go on? They share a common brand name.

LLRS has donated land for LLCRA to function off of, but your inference that IPOing the LLCRA on the WSE is some evil scheme is a bunch of poo. Shall I point out that LLRS already operates on the WSE.

Mateo Infinity

Anonymous said...

Yesterday, 21:44
Lindsay Druart Re: Current Dilema
I have also been in contact with our investment manager for our USD holdings. Some of our funds mature early to mid December at which point we planned to bring the funds back in game but I should have an idea within the next few days what early termination will cost us and if it is viable with the end being so close. I will update the market on that as information becomes available.


was just browsing the capex forums. saw this post.

I TOTALLY FUCKIN CALLED IT!

and initially llcra started out as an lnl project, started with lnl funds, and was publicised to be an lnl asset at many meetings.

then, lindsay decided she would make more if llcra was its own entity, and went to ipo on the wse. forgetting all about the lnl shareholders.

only after being called on it in the capex forums did she make any consideration toward giving lnl shareholders their fair share. initially she just wanted to build llcra with lnl money, then ipo it separately so she would have a huge piece, and lnl shareholders none.

interestingly enough tho, you don't talk about the other points i bring up.

yesterday i said it wouldn't surprise me if she appeared with some money from rl resources once this blew over. then today i read that mid december she would. ..... i wonder how much of the missing L$ will manifest itself as this injection from her rl funds.

Anonymous said...

Hi Maelstrom,

The ticker symbol RMV stands for "Removed" and is assigned to all ticker symbols used by removed companies.

MouzurX Wise

Maelstrom said...

Wise: I pointed that out myself.

Maelstrom said...

Perhaps it should have been better phrased, "Rotting Hulk", "Derelict", "Decayed and Buried".