Trend Micro calls out vulnerabilities in metaverse security development
“Illegal or criminal activities are likely to flourish in the darkverse since it will be difficult to track and monitor,” says Trend Micro.
In a new report published by American-Japanese cybersecurity company Trend Micro, the firm says that the metaverse possesses increasing vulnerabilities that could materialize within the next three to five years.
As told by Trend Micro, the top threats to the realm, mainly from a regulatory standpoint, include NFT security concerns, the development of a “Darkverse” similar to the dark web, financial fraud, privacy concerns, physical threats, AR threats, social engineering, and traditional IT attacks.
With regards to NFTs, Trend Micro specifically wrote:
“NFT ownership is verified using blockchains, which are susceptible to blockchain hijacking attacks. NFTs that rely on smaller blockchains could be vulnerable to a Sybil attack, where the attacker gains control of more than 50% of the peer nodes that verify transactions and thus can manipulate NFT ownership verification. Finally, a metaverse space may not honor the ownership asserted in the NFT as there is no legal reason to do so.”
The firm also believes that criminal groups could be drawn to the metaverse world due to the huge volume of e-commerce transactions. “In the metaverse, we will likely see more pump-and-dump schemes. Malicious actors will boost the value of digital assets through fake recommendations, endorsements, and investments; and then dump the assets.” As in theory, the valuation of virtual land is highly dependent on perception and could be open to manipulation.
Lastly, Trend Micro thinks that law enforcement agencies would potentially struggle in the first couple of years of metaverse development because of the high cost of intercepting digital crimes and criminals at scale. They will also have difficulty because jurisdiction is hard to establish. The time required to build metaverse expertise would also mean that such class of crimes could go largely unpoliced in the initial years.
“If a user is defrauded or robbed, then getting help, filing complaints, or filing legal actions will be very difficult. The user will also be using decentralized digital currencies, which adds to the complexity of the situation.”
At its finale, the report calls for developing suitable security models in anticipation of a large inflow of investments into the industry. Mark Zuckerberg, CEO of Meta, has said recently that the metaverse is an opportunity that could unlock ‘trillions of dollars‘ over time.