Scribd
Upload
38 views15 pages

Cybersecurity Flaws in The Metaverse #1

Cybersecurity flaws in the metaverse pose physical, network, system, application, and user risks: - Physical risks include health issues from extended immersive use like headaches, nausea, and disorientation. - Network risks involve improperly configured devices, traffic on unsafe websites, and lack of security protocols. - System risks include vulnerabilities in VR glasses and ability to run unauthorized commands. - Application risks range from blockchain platform flaws and lack of security in apps to vulnerabilities in client software. - User risks involve phishing, identity theft, privacy leaks, harassment, malware, and difficulty verifying other users' identities. Proper standards are needed to address security and privacy across jurisdictions in

Uploaded by

Angel Cabrales
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
38 views15 pages

Cybersecurity Flaws in The Metaverse #1

Cybersecurity flaws in the metaverse pose physical, network, system, application, and user risks: - Physical risks include health issues from extended immersive use like headaches, nausea, and disorientation. - Network risks involve improperly configured devices, traffic on unsafe websites, and lack of security protocols. - System risks include vulnerabilities in VR glasses and ability to run unauthorized commands. - Application risks range from blockchain platform flaws and lack of security in apps to vulnerabilities in client software. - User risks involve phishing, identity theft, privacy leaks, harassment, malware, and difficulty verifying other users' identities. Proper standards are needed to address security and privacy across jurisdictions in

Uploaded by

Angel Cabrales
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 15

Cybersecurity flaws in the

Joas Antonio
Metaverse #1 https://www.linkedin.com/in/joas-antonio-dos-santos
Emerging Technologies in 2022 and 2023

• Smart Spaces: Enhancing the capability of spaces using IoT and AI;
• Generative AI: Creation of new materials, based on original data, example:
Thisdoesnotexist and other AI that can even generate texts, audios and images;
• Metaverse: In 2022 refers to the merging of video games, social media and
entertainment to create new immersive experiences, like swimming into your
favorite music at an online concert.
What is Metaverse?

• The Metaverse can be described as a 3D version of the Internet being an


interconnected system that transcends national borders. Therefore, it will be
necessary to define a network of public and private standards, norms and rules to
operate in all jurisdictions.
• The metaverse will be a constellation of technologies, platforms and products.
Not just one, but all. And that takes a number of companies large and small,
society, the public sector and millions of individual creators.
What is Metaverse?
Snow Crash -
Origin

• “The word 'metaverse' was actually


coined by author Neal Stephenson in
his 1992 science fiction novel Snow
Crash. In his book, Stephenson referred
to the metaverse as an overarching
digital world that exists parallel to the
real world.”
Metaverse Risks

• Physical Security
• Network Security
• System Security
• Application Security
• User Security
Physical Risk
• “With what we have today, is it possible to be immersed
for a few hours in a world that will trick our brain to the
point of no longer recognizing what is outside the lens?”
No!
• Headaches, Nausea, disorientation and other symptoms
end up being a reality in the current metaverse;
• Users typically move around in the real world with an
Augmented Reality overlay, making physical safety a
concern. If users get too immersed in the virtual world,
they can harm themselves or those around them.
Network Risk
• Improperly opened ports and services;
• Traffic on unsafe websites;
• Lack of network security (Segregation of
VLANs, use of secure protocols, tools
such as DLP, Zero Trust, Firewall, etc.);
• Devices and development environments
exposed to the Internet;
System Risk

• VR Glasses Kernel Exploration;


• Android Reverse TCP;
• Running OEM Fastboot commands;
• Install third-party applications;

https://github.com/QuestEscape/research
Application Risk

• Vulnerabilities in BlockChain platforms;


• Risks with NFT;
• Lack of secure development in applications;
• Lack of integrity, availability and
confidentiality in certain applications;
• Abusive terms of use;
• Vulnerabilities in the Client (Reverse
Engineering in Glasses);
Application Risk #2

• “An example occurred with the company Sky Mavis. In which an


attacker used compromised private security keys to break into the
network nodes that validate inbound and outbound transfers to the
Ronin blockchain. This allowed the attacker to silently withdraw large
amounts of Ethereum.”

• Extra: These tokens are powered by smart contracts, which in turn are
deployed as compiled code within a transaction on the blockchain.
And as “non-fungible” as the tokens themselves may be – meaning
that their representation within the blockchain is unique and cannot
be duplicated – the metadata associated with NFTs is very fungible.
Therefore, nothing prevents copycats from creating new NFTs (using
different smart contracts, or even different blockchains) that point to
a copy of the content associated with the original.

• Another recent technique used by attackers is offering malicious


tokens through so-called airdrops. Since wallet addresses are public,
literally anyone can send NFTs to these addresses.
User Risk

• Phishing Attacks;
• Identity theft;
• Privacy of data entered on the platform;
• Understand the concept of smart contracts to identify whether the source code is published or not;
• Identity management;
• Harassment and verbal aggression;
• Deepfakes;
Metaverse users' identities can be spoofed, their accounts
• Malware attacks; can be hacked, and their avatars can be controlled. A
common challenge is that the identity of the person
metaverse users are dealing with is always questionable.
What's your choice: Reality or Simulation?
THANKS!

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy