New Inception Layer App Puts VR Users at Risk for Hacking and ExploitationExperts Uncover VR Weakness Allowing Hackers to Manipulate User Experience. Credit: techxplore.com

A group of computer experts from the University of Chicago has discovered a potential weakness in virtual reality (VR) technology that could leave users vulnerable to malicious attacks.

Their findings, published on the arXiv preprint server, reveal a potential "inception layer" that could be inserted between a user's VR Home Screen and their VR User/Server.

VR systems provide a simulated world where anything is possible, allowing users to interact in a virtual environment.

The research team imagined a scenario where hackers could manipulate this virtual world by installing a deceptive app on the user's VR headset.

This app would trick the user into revealing sensitive information that could be exploited by the hackers.

The concept of this app is similar to the plot in the movie "Inception," where a character's reality is altered by downloading a new layer into their brain.

In this case, the inception layer would act as a bridge between the user and the virtual world, allowing hackers to record, intercept, or alter information at their will.

For example, the app could capture a user's passcode for a virtual ATM or change the amount of money designated for a purchase and redirect it to the hacker's account.

Moreover, the app could also manipulate the virtual world, adding images of familiar characters to gain trust and access personal information.

It could even monitor the user's actions, gestures, voice, and social or business interactions, making it a powerful tool for hackers.

To install the app, hackers would need to gain access to the user's WiFi network or physically access their VR device.

Once installed, the app would run unnoticed, giving hackers complete control over the user's VR experience.

To test this possibility, the research team enlisted 28 volunteers to play a game using a demonstration VR headset.

They then downloaded the app onto the devices and asked the volunteers if they noticed anything unusual.

Only 10 of them noticed a slight flickering, and only one questioned the legitimacy of the download.

The researchers have informed Meta, the company behind the Meta Quest VR system used in the experiment, of their findings.

Meta responded by stating that they will investigate the potential vulnerability and take steps to fix it.

The researchers also warn that similar weaknesses may exist in other systems and apps that attempt to insert themselves between users and their VR devices.

Steven Russell
Steven Russell is a proficient entity from the Technology field. He completed Master’s Degree in Computer Science and Technology. He was engaged in the formation and administration of computational systems in his previous firm. He is associated with Industry News USA from last 2 years. Due to his command over the technology field, he has become the head of the Technology section in very less time period. “Latest gadgets” is the thing that attracts Steven the most.