By Meghan Malinowski

Computer’s in today’s society serve more than just a device to do research on and type up term papers. Computer users are now able to converse with others from across the globe and broadcast web images and live movies. People have the ability to connect and share their entire lives across the computer, but for some, this connection may be the only connection to others, or it may not even be their life that they want to connect to others with. Popular games such as Second Life and World of Warcraft allow people to become whomever or whatever he or she desires to be in the virtual world. As in the real world; however, money is needed to get by. These innocent people that play these on-line games are now facing real world problems that they may have been trying to avoid in the first place. This report details these all too common problems that people in the virtual world are forced to come to terms with through the use of research articles and interviews.

Since beginning in 1975, computer role playing games have grown extremely rapidly and are now an enormously profitable business. With 25% of the virtual world players playing at least thirty hours a week, the online gaming market has grown 288% from 2002 to 2005 and has exceeded $1.1 billion in revenue and is predicted to triple by next year (O’Reilly). This real world money that is being made in the virtual world and converted to real world money is beginning to suffer from the real world problems of identity theft and virtual assets, extortion, and terrorist attacks. With the ages of these criminals between the ages 15-20 years old and without a full time career to worry about, it is all too easy for them to sit at their computer waiting for the perfect target.

The game Second Life is a “3-D virtual world created by its Residents” (Second Life) that has been up and running since 2003 and now has millions of users. From the moment a user creates their own “avatar”, or image of themselves that they want to present to the virtual world, they are free to roam the world to set up a house or business. From the moment the user decides to buy their avatar a shirt or a new pair or shoes, the user opens him or herself up to an even bigger world of problems.

The residents of Second Life “retain intellectual property rights in their digital creations, they can buy, sell and trade with other residents” (Second Life). Users of second life can create clothes, furniture, weapons, dance moves, and even names for other users to buy. Users of World Warcraft, for example can even create their own characters, play them until they become powerful, also known as “leveling up”, and then sell those for money. “I watch my dad play World of Warcraft”, says Josh Morgenstern, a recent graduate of Virginia Tech, “and he just sold one of his characters he leveled up and got a couple thousand dollars from it”.

For the user to buy that shirt or new pair of shoes, a credit card is needed. The “marketplace” in Second Life supports millions of US dollars a month. This monetary system is “handled with the in world unit of trade, the Liden dollar named for game creator Linden Lab, which can be converted to US dollars at several thriving online Linden dollar exchanges” (Second Life). The exchange rate between the United States dollar and the Liden is 271 Lidens for one United States dollar. One United States dollar is just enough to buy an avatar a basic outfit. Since this computer game phenomenon, many banks “have already announced their plans to open virtual branches- a move that would eventually combine all the known risks of internet banking with the risks of virtual identity and data theft” (O’Reilly).

These online worlds or communities are so large and intricate that they require permanent internet connections, so exploitation of vulnerabilities in an online game could be used to steal user data from both real and virtual environments. In many cases, the economies of virtual worlds have been hijacked by cyber criminals attempting to hide their profits through the exchange of virtual currencies because as virtual items become more rare or more difficult to achieve, their value creates a fiscal worth in the game’s currency and real life.

The clearest case of cyber crime is identity theft. In the United States, citizens receive a Social Security number that serves as an identification number. This number is used to collect taxes and many corporations use the number to keep track over their employees, students, and patients. The number on one’s credit card, like the social security number, can be used to not only steal a person’s identity, but even reconstruct one. The hackers that get these credit card numbers off of virtual on-line games use them to “run up huge bills, forcing the card firms to suffer large losses, or they might sell the information to others who can use it in a similar fashion” (Cybercrime).

In some extreme cases, the hacker may even use the stolen credit card number to create a new identity for other criminals by changing the mailing address on the stolen account. This then allows the criminal to get a driver’s license or even a passport with their own picture, but under the innocent victim’s name. With the new driver’s license, the criminal can then get a new Social Security card and open bank accounts and loans all under the victim’s credit record and background.

According to the Federal Trade Commission report in 2003, during “the previous year 3.3 million Americans had their identities fraudulently used to open bank, credit card, or utility accounts, with losses of $32.9 billion to businesses and $3.8 billion to individuals” (Cybercrime).

Spam messaging has become on of the easiest and significant forms of cyber crime and has become an every day occurrence in the virtual world just as it is in the web mailbox of computer users. Users create messages that offer free games that then offer links to several sites that when clicked, lead the other users to malware, or “a software designed to infiltrate or damage a computer system without the owner’s consent” (Cybercrime). This malware can then hijack a user’s browser, redirect search attempts, track the web pages the user visited, and ultimately cause one’s computer to run slow and unstable.

If clicking on spam opens up the computer to malware, malware in turn opens up the computer to data-stealing Trojans. These data-stealing programs record the user’s IDs, passwords, IP addresses, and the name of the server that the user is working from. This process is done with a key-logger that records all the keystrokes the user makes. In some cases, the data-stealing Trojans “capture mouse movements and even screenshots. The attacker can log into the compromised account and retrieve anything of value” (O’Reilly). When a hacker compromises a gaming account, the attacker will convert the stolen objects into virtual currency and then convert that currency into real money.
Virtual worlds are also vulnerable to terrorist attacks. In one instance in Second Life, a user created a code that caused a visual simulation of a terrorist attack that killed off avatars and destroyed their virtual homes.

In World of Warcraft, a user created a virtual illness that “killed hundreds of players in several populated areas on multiple servers” (O’Reilly). Attacks such as these are created by the use of scripting holes that allow the viruses or illnesses to achieve persistency and are then able to spread.

New to virtual world Second Life is the Copybot program that allows a person to copy any object in Second Life. Since the users of Second Life can create their own items, as previously stated, the designers of the items are loosing money. Some of the virtual businesses are now worried and are shutting down their virtual world businesses before more items get copied. The creators of Second Life claim that “it is not clear yet if there is anything Linden Lab can do to stop people from using the bot” (Terdiman). So far, the best answer for victims is to file a Digital Millennium Copyright Act Complaint in the real world against the criminals. Second Life users complain that the process of filing a report takes many weeks. One user says that “by that time, someone’s work could be copied and stolen and distributed all over the grid” (Terdiman).

With more and more people using computers today and because the people that use them are getting younger and younger every year, it is important for everyone who plays on-line virtual games, or not, to be aware of the risks. One click of the mouse on the wrong page ruins a single person’s or entire business identity, credit, and profit. Virtual games suck as Second Life and World of Warcraft make it all too easy for hackers to go into a user’s account and steal specific items that are worth money once the credit card number makes travels into the internet. The bottom line is to never think that it cannot happen to you.

Works Cited

O'Reilly, Jayson. "Virtual Worlds, Real Attacks." ITWeb. 8 Sept. 2008. 3 Oct. 2008
<http://www.itweb.co.za/sections/techforum/2008/0809080841.asp?s=security&a=sec&o=google>.

Terdiman, Daniel. "'Second Life' Faces Threat to its Virtual Economy." CNet News. 15
Nov. 2006. 20 Oct. 2008 <http://news.cnet.com/2100-1043_3-6135699.html>.

Morganstern, Josh K. "Interview." Personal interview. 18 Oct. 2008.

"Cybercrime." Encyclopædia Britannica. 2008. Encyclopædia Britannica Online. 21 Oct.
2008 <http://www.britannica.com/EBchecked/topic/130595/cybercrime>.

"What is Second Life." Second Life. 2008. 20 Oct. 2008 <http://secondlife.com/whatis/>.