Communications of the ACM
Hacking the Metaverse
Said LSU's Abe Baggili, "Everyone needs to be aware that all technology has security risks. Once someone can access your device, they can potentially steal your money by accessing your banking and credit card accounts and wreak havoc on your life.”
Credit: Counterpoint Research
Louisiana State University (LSU)'s Abe Baggili and colleagues tested the security of immersive virtual reality (VR) and X-reality (XR) systems for weaknesses.
The researchers hacked a popular XR application used to watch movies with others in a virtual room, and found they could hijack a user's VR headset, view their screen, activate their microphone, and install a virus on their computer invisibly.
The virus infected other users who interacted with the compromised user, while the researchers also could enter the virtual room to eavesdrop.
They notified the app's developer, which accepted their recommendations.
Former LSU researcher Martin Vondrácek said the team open-sourced its hacking software, example exploits, and vulnerability signatures "to improve the state of the art of vulnerability detection and prevention in VR."
From Louisiana State University
View Full Article
Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA
No entries found