SL Crime Wave! – L$3 Million Bank Heist!!!

by Jessica Holyoke on 20/11/07 at 6:15 am

Were weekend griefing attacks a cover for banks jobs?

by Jessica Holyoke


Possibly in conjunction with the many griefing attacks of this weekend, the SL banks have been hit by hackers.  L & L Bank and Trust reports that 3 million Lindens were stolen through a hack on an ATM by avatar Hamid Jewell.  This was following an exchange from avatar Betatester Allen that deposited $10 million in Lindens and then withdrew $20,500 L.  While L&L Bank and Trust is waiting for help from the Concierge and Governance teams in getting the money back, other banks are being vigilant regarding their balances. 

Second Life Investor’s Bank reported suspicious activity with deposits of fraudulent Lindens, but no damage was done to their bank.  Second Life Business Bank was also hacked into today, but the owner, Anre Heron, was able to put their ATM’s offline.  BCX Bank had an attempt on their ATM’s today, but according to Travis Ristow, the Linden Risk API and their own security systems were able to recognize the avatar in question before a deposit was made.  Intlibber Brautigan reported no attacks on BNT Financial.  JT Financial and SL Capex also reported no incidents of attacks.


TNW Bank’s ATM’s were almost hacked into but the server encryption kept the hacker out. According to TNW owner Lex Fitzcarraldo, the hacker then took over a management account and deleted the mall and club on their island.  Currently, the mall has been rebuilt on TNW while the club is still being worked on.


With the hack into the ATM’s, it appears that this might be a concentrated attack on the banks, as opposed to one member embezzling funds.  Is the hacks due to common script vendors for ATM’s?  More investigation is being conducted on the fraudulent linden balances and whether there is an exploit with the server.

24 Responses to “SL Crime Wave! – L$3 Million Bank Heist!!!”

  1. nimrod Yaffle

    Nov 20th, 2007

    It’s interesting that that many ATMs can be “hacked” at the same time. Either A) There is a new exploit, or B) they were using the same scripts. What also makes it interesting is that an actual account was “hacked” as well.

  2. nimrod Yaffle

    Nov 20th, 2007

    This is also why I never keep my money in banks in Second Life.

  3. nimrod Yaffle

    Nov 20th, 2007


    “Possibly in conjunction with the many griefing attacks of this weekend, the SL banks have been hit by hackers. L & L Bank and Trust reports that 3 million Lindens were stolen through a hack on an ATM by avatar Hamid Jewell. This was following an exchange from avatar Betatester Allen that deposited $10 million in Lindens and then withdrew $20,500 L. ”

    So, someone hacked the ATMs out of L$3mil, right after a suspicious L$10mil was deposited? That still means the “bank” is up by L$6mil…. Or did I read that wrong?

  4. Marc Woebegone

    Nov 20th, 2007

    What’s an “exploit”?


  5. Observer

    Nov 20th, 2007

    When will people learn that putting their money in an online computer game ‘bank’ is stupid?

    Just like the Ginko fiasco, when people try to be smart and buy and sell unregistered, unlicensed ‘stocks’ and ‘bonds’, they are going to get burned.

  6. Bennie

    Nov 20th, 2007

    “So, someone hacked the ATMs out of L$3mil, right after a suspicious L$10mil was deposited? That still means the “bank” is up by L$6mil…. Or did I read that wrong?”

    Yes. It says that a 10 mil was deposited, after which 20,5 mil was withdrawn. So that alone makes -10,5 mil for the bank.

  7. Jessica Holyoke

    Nov 20th, 2007

    My apologies. I did so many rewrites late last night to get this published quickly that a few points were self edited out.

    Betatester Allen deposited fraudulent Linden dollars, or counterfeit dollars. L&L Trust does not have the right to keep that money. According to the ToS, a fraudulent exchange can see the buyer lose up to 150% of the fraudulent exchange amount, one of the concerns of L&L trust.

    The two means of attack on the banks were hacking into the ATM software, which some banks were able to beat back and some were not, and depositing counterfeit Lindens, with attempts made on more than one bank. Counterfeit Lindens, although inaccurate, makes more conceptual sense than fraudulent Lindens, which is the commonly used term between the banks and in the press release.

    Photo notes:

    1st photo: Standing inside L&L trust with the ATM’s removed from service.

    2nd photo: Outside Second Life Business Bank. The logo states what some people say SL is all about.

    3rd photo: A vendor area specializing in ATM scripts.

  8. Anonymous Poster

    Nov 20th, 2007

    The only thing that surprises me about this is that it took so long for this attack to happen.

    The tools that are provided in LSL for encryption, authentication, and establishing electronic trust between scripts are all broken and implemented wrong.

    ModPow() is used pretty much exclusively in public-key encryption but the LSL version only works with 16-bit number; whereas a minimum of 1024-bit numbers is currently considered acceptable for public key and real banks use much larger public-key sizes.

    MD5 is implemented completely wrong, as is XOR and there are no other tools available in LSL that are specifically designed for encryption or digital authentication.

    The fact that a few dedicated and knowledgeable scripters have managed to implement XTEA and SHA1 in LSL still amazes me.

  9. nimrod Yaffle

    Nov 20th, 2007

    Beanie: It says “$20,500 L.” Not mil.

  10. nimrod Yaffle

    Nov 20th, 2007

    Jessica, do you know if they were all using the same ATM script? (Or variations of the same one?)

  11. Artemis Fate

    Nov 20th, 2007

    Why are there still banks in SL anyways? Who’s putting their money in banks? I would think that if the whole concept of sticking your money in a virtual bank didn’t seem stupid enough as is, that the ginko financial fiasco would have supported that idea and proven that there are heavy risks to be had here.

  12. Tenshi Vielle

    Nov 20th, 2007

    Um, hai. Dis is Commun Sense checking in. Y do U continue to leve munies in banx that R not govrn’d? Kthxbai.

  13. RoFLKOPTr

    Nov 20th, 2007

    I lol’d at your spacemonies being “heisted”.

    btw, it had nothing to do with the Patriotic Ni/gras (YAY FOR WORD FILTER!!!), it was entirely coincidental.

  14. Aya Pelous

    Nov 20th, 2007

    Being that it is really stupid to have your l’s in a bank when you perfectly sit with a balance every time you are on the grid these people who keep “investing” in these banks deserve it. Not only do they deserve it-they deserve to be lined up somewhere on the grid and be shot at, laughed at and then banished from SL. But then again…this is just my world we are talking about.

  15. Adam

    Nov 20th, 2007

    The banking and stock exchanges are the biggest joke in Second Life. Nobody is stupid enough to continuing throwing ther money away to these bunko schemes. Interesting that all the “banks” were hit except one. Hmmm….

  16. Bob Barker

    Nov 20th, 2007

    The SL wealthy who invest and lose lindens in “banks” : I have no pity for.

    If he/she would stand atop a building at Welcome Island or Welfare Island and make it rain on the poor with their folded lindens (not the change-may put an eye out): THAT would be more respectable. :)

  17. Jessica Holyoke

    Nov 20th, 2007

    @ nimrod yaffle

    It was suggested that the banks that were hit by hacks used the same script vendor, but I didn’t have proof of that when I was gathering information for the article because each bank was a little busy at the time. I suspected it, which is why I included the photo of the script vendor that provided the script for SL Business Bank.

    @ roflkoptr

    It was a suggestion that the two were related, but there is no proof of that.

  18. Tomhaz A'Bucket

    Nov 20th, 2007

    I’m in ur b4nk, steelin ur lindens…

  19. DaveOner

    Nov 21st, 2007

    I predict that this type of story will keep happening on a consistent basis and no longer become news thus no longer being reported…much like drive-bys in Compton.

    Banking in SL will continue to be retarded until SL goes completely open source and/or some sort of ID verification system is setup so your RL identity is tied to your account and is somewhat accessible…just like regular internet transactions are now.

  20. d3adlyc0d3c

    Nov 21st, 2007

    Hmmmmmm, I had no idea. Nope, no idea at all this happened. Just fucking amazing. Whoever did this I’m sure he is pretty elite. Yes, he sure is.

  21. Typo

    Nov 22nd, 2007

    Its interesting that this story made headlines in the herald but there was not one word said about the whole MIDAS bank fiasco….You all know what I’m talking about where the WSE refused to make its quarterly payment then decided to keep the 3.5 million Midas had invested and declare Midas bankrupt…

  22. Jessica Holyoke

    Nov 22nd, 2007

    @ Typo

    I know about both Midas bank and the Allenvest financial liquidations and was planning articles on both, but with more detail. I wanted more information from Midas Commons before I started writing so I could compare the two actions.

    And with the SLEC trying to step in with the WSE, I also need some time with them as well.

  23. Tyrian Camilo

    Nov 25th, 2007

    I made a 2nd blog posting out of all this, how we had no problems, and why security is a routine not a feature etc.

    Should give some people more insigh to the incident etc. :D
    So head over to
    and read it for more details :)

    My first blog posting was: for those interested :)

    To clarify: LL took back that 10mil L$ deposited to LNL promptly. I infact had even my account suspended for it! So infact, this STARTED way worse for me than the others.

  24. dick burns

    Nov 25th, 2007

    you can be sure that if the n/igra/s took the space monies then they already turned it into liquid assets… and by liquid assets i mean lemonade and grape drink

Leave a Reply