Dino Dai Zovi is such a Rock Star..

Dino is the guy who added much shellcode coolness to MetaSploit, gave
the world Karma, released the first virtualization rootkit for Intel
(Vitriol), and gave much credibility to the Matasano crowd while he was
there..
Although he left the consultancy gig, he popped up briefly again during
the year to claim his macbook in the Cansec Hack the Mac challenge and
popped up again to break second-life..

Dino is the guy who added much shellcode coolness to MetaSploit, gave

the world Karma, released the first virtualization rootkit for Intel

(Vitriol), and gave much credibility to the Matasano crowd while he was

there..

Although he left the consultancy gig, he popped up briefly again during

the year to claim his macbook in the Cansec Hack the Mac challenge and

popped up again to break second-life..

http://www.securityevaluators.com/sl/

– -snip-

What the exploit does

Once the malicious file has been viewed by the victim, the attacker has

complete control over the victim’s computer – and Second Life avatar. At

this point the exploit could make the avatar do anything they like. This

particular exploit freezes the avatar and makes them send the attacker’s

avatar twelve Linden dollars and shout “I got hacked”.

– -snip-

Full points for style.. and full points for security geek coolness..

– -sigh- im such a fan-boy sometimes..

(you can watch a video of the attack here)

https://youtube.com/watch?v=RaCo4USXd5Y%26rel%3D1

/mh

Original source