- Researchers have exposed a potential security vulnerability in Meta’s VR headset, according to a new study.
- So-called “inception attacks” allow attackers to spy on and take control of a user’s VR environment.
- Only one-third of study participants noticed a problem when their session was hijacked.
In a new study, researchers have revealed that Meta’s virtual reality headset may have serious security vulnerabilities.
A team of researchers at the University of Chicago say they have discovered a way to hack the Meta Quest headset without the user’s knowledge, allowing them to control the user’s VR environment, steal information, and even manipulate interactions between users.
The researchers call this strategy an “inception attack,” in which, “by trapping a user within a single malicious VR application disguised as a complete VR system, an attacker can control and manipulate the user’s interaction with the VR environment.”
The study comes as Meta CEO Mark Zuckerberg continues to dump on Apple Vision Pro, its biggest competitor in the space. Zuckerberg said last week that Apple’s VR headset is “inferior in most ways.”
The study was first reported by MIT Technology Review, but has not yet been peer-reviewed.
According to the study, to carry out the attack, the hacker needed to be connected to the same WiFi network as the Quest user. The headset also needs to be in developer mode, which researchers say many Meta Quest users leave enabled in order to get third-party apps, adjust resolution, take screenshots, etc.
From there, the researchers were able to plant malware on the headsets, allowing them to install a fake home screen that looked identical to the user’s original screen but that the researchers could control.
This duplicated home screen is essentially a simulation within a simulation.
“While users think they are interacting normally with various VR applications, they are actually interacting within a simulated world where everything they see and hear can be intercepted, relayed, and possibly modified by an attacker,” the researchers wrote in the study.
Researchers created cloned versions of the Meta Quest Browser and VRChat apps. Once the replica browser app was running, researchers were able to monitor users as they logged into sensitive accounts such as banking and email.
Not only could the researchers see what the user was doing, they could also manipulate what the user was seeing.
For example, the researchers described a situation in which a user is sending money. While the user is trying to transfer $1 to someone, an attacker can change the amount in the backend to $5. However, it still appears to the user as $1, including on the confirmation screen, so the user has no idea what happened.
To test the inception attack on real people, the researchers carried out the attack on 27 study participants while they were using a VR headset. The study found that only a third of users noticed the glitch when their session was hijacked, and all but one of them thought it was due to a regular performance issue.
Meta did not immediately respond to a request for comment from Business Insider, but a spokesperson told MIT Technology Review that it would review the research, adding, “We are always working with academic researchers as part of our bug bounty program and other initiatives.”