Virtual vulnerability: These are the real risks of VR gaming on public Wi-Fi networks
Playing video games on public Wi-Fi networks can expose you to hackers, and here's a potential danger to be aware of if you're using a VR headset.
Some of the most dangerous modern hacking attacks are the so-called inception attacks (a type of transient execution attacks), which exploit vulnerabilities in microprocessors and target the cache, leading to data leakage to criminals. This type of attack uses speculative execution, a feature of processors that increases performance by guessing what will be executed next before completing a slower operation. If the guess is true, the processor increases the performance of the current operation, and if the guess is false, then the processor does not accept the change and continues the operation using the new result.
Various vulnerabilities have been discovered over the years, including Spectre, which was initially discovered as a cause of leaks on AMD Zen processors. But now cybersecurity experts have identified a particularly vulnerable area that could be targeted by Spectre attacks.
Experts from the University of Chicago found that the inception attack can affect modern VR headsets. With its help, hackers can steal user messages and data, track their behavior, and even display false information on the gadget's screen. So far, no one has used this attack against VR devices, which is partly due to the fact that it is very difficult to replicate.
With its help, hackers can steal messages and user data, track their behavior and even show false information on the gadget's screen. No one has yet used this attack against VR devices, which is particularly due to the fact that it is very difficult to replicate. Meta representatives were promptly informed about this new way of hacking headsets.
The experiment utilized the Meta Quest VR headset, on which the researchers downloaded an infected app from a third-party source, activating developer mode for installation. They then ran a hacking app, and were able to easily gain control of the headset, including control over the screen image. This gave them the ability to change settings and information, and most importantly, commands. They were able to see instantly all the actions that the headset owner performed. These actions could include account-to-account money transfers and credit card payments. If there were criminals instead of security experts, they would have no problem redirecting money to their account and even, for example, increasing the amount of payments.
The researchers then tried to predict how headset users might react to the Spectre. They invited 27 volunteers to play one of the popular video games. During the game, the researchers initiated a hacker attack. The most surprising thing for them was that most of those who participated in the experiment did not notice any suspicious changes in the operation of their VR headsets, and only one of them suggested that it could be the effect of a virus.
If you own a VR headset and like to use it in your video games, then the likelihood of an attack on you is quite small, due to the complexity of such an operation. However, when using public Wi-Fi networks, the danger of Spectre potentially increases significantly. We recommend you to use only trusted networks.