A top-secret virtual world being tested by the UK Government to promote consumer security advice has been turned against its creators by politically-motivated hackers.
The beta site of the ‘Safe Life.org.uk’ had been open to selected testers, but was invaded last week by the previously unknown ‘Axe 00n Evil’ hacker group, which created avatars that roamed the online world in bright orange jump-suits, criticising UK Government policies on issues such as support for the war in Iraq, the detention centre at Guantanamo Bay, and its unwillingness to make Linux a legal requirement for using a computer.
Costing a rumoured £180,000 ($350,000) in development costs, the Safe Life world is believed to be scheduled for launch in 2009, initially on an invitation-only basis. Its purpose is to adapt the idea of social networking to give consumers a place to learn about security, and to exchange tips on scams in their locality, exploring the site world using personalised avatars.
The motivation for the attack spears to be a mixed bag of political causes, but the invasion quickly degenerated into random satire.
The sign above the entrance to the online world was defaced from “Safe Life” to read “No Xxxxing life”, while the ‘@security’ virtual office, where consumers were to be encouraged to report virus and spyware attacks, ordered visitors to secure Apple Mac computers by “turning them off with a sledgehammer.”
A leaked email detailed how hackers also removed security from guest accounts, signalling an invasion by up to 200 unauthorised avatars from around the hacking fraternity, who caused further chaos.
Hackers, believed to of Russian origin, drove between different parts of the site in specially-created Soviet-era Zil Limousines, defacing the walls with nationalistic slogans such as “we drinking your gasoline NATO”, and “We wrestle Bush naked like in Borat movie” (sic).
A source inside the company contracted to build the online world, Selling Esteem Ltd, said that the hackers were believed to have discovered – or being given access to – hidden admin accounts, which they used to re-set the privileges of technical staff, turning them into helpless onlookers.
The source described events as “humbling,” and admitted that senior Government officials had been “incandescent” that the wraps had come off such an important the site ahead of its launch.
“We had hoped that [UK Prime Minister] Gordon Brown might have made a virtual visit to the site using a Scottish avatar we created for him in the image of 13th Century hero William Wallace,” but this now looked remote.
According to Swedish security consultant Karl Weindup, recently commissioned by ministers to carry out a review of IT projects, the UK Government was once again the “laughing stock of the technology world.”
His report would recommend that the future security of the country depended on ditching many malfunctioning IT projects in favour of the “selective re-introduction of paper-based systems, fax machines and type writers.”