A new report prepared by the cybersecurity company Trend Micro warns of the existence of a ‘darkverse‘ or ‘dark verse’ of crime hidden from law enforcement, which could rapidly evolve to fuel a new metaverse-related cybercrime industry.
This document, ‘Metaverse or MetaWorse? Cybersecurity threats against the Internet of Experiences’, focuses on the importance of the technology sector anticipating cybercrime threats in this new Internet era. As envisioned by Trend Micro, the ‘darkverse’ will resemble a metaverse version of the ‘dark web’, that will allow threat actors to coordinate and carry out illegal activities with impunity.
“Given the high costs and jurisdictional challenges, law enforcement will have a difficult time policing the metaverse in general in its early years. The security community must step in now or risk it developing.” a new Wild West at our digital doorssays Bill Malik, Vice President of Infrastructure Strategies at Trend Micro.
The underground markets operating in the ‘darkverse’ would be impossible to infiltrate to the police without the correct authentication tokens. Since users can only access these spaces if they are within a designated physical location, there is an additional level of protection for closed criminal communities.
Top five threats
The report detects five major threats to the metaverse. In this sense, they warn that NFTs (non-fungible tokens) will be affected by the ‘phishing‘, los bailoutslos frauds and other attacks, which will come under increasing attack as NFTs become a major metaverse asset for regulating ownership. The sheer volume of e-commerce transactions in the metaverse will be a magnet for criminals and criminal groups.
“The ‘darkverse’ will become the reference place to carry out illegal or criminal activities, because it will be difficult for law enforcement to track, monitor and infiltrate. In fact, It may be years before the police catch up”, add cybersecurity experts. Another possible threat is money laundering through the use of overvalued real estate in the metaverse. Again, in this virtual context, NFTs will provide “a new outlet for criminals to clean up cash.”
Social engineering, propaganda and ‘fake news’ will also have a profound impact in a cyber-physical world. “Criminals and state agents will employ Influential narratives targeting vulnerable and sensitive groups to certain topics,” the document adds.
Finally, Trend Micro experts point out that the privacy will be redefined, as metaverse space operators will have unprecedented visibility into user actions, essentially when using their worlds. “Participating in the metaverse will have a cost to user privacy, even greater than the use of current social networks,” they conclude.
Attacks will adapt
As with any new technology, proven attacks will persist in this new space, according to the report. Attacks such as distributed denial of service (DDoS) for extortion, ransomware, API abuse, and vulnerable devices will impact the metaverse. These methods may be the first used by malicious actors as they are well known and understood.
Likewise, cybercriminals could try to compromise the spaces of ‘digital twins‘ Managed by critical infrastructure operators to sabotage or extort industrial systems. Or they could deploy ‘malware’ on metaverse users’ full-body actuator suits to cause Physical damages. “Assaults on avatars have already been reported on several occasions,” they detail.
“The metaverse is a high-tech, multi-billion dollar vision that will define the next Internet age. While we don’t know exactly how it will play out, we need to start thinking now about what it will look like.” exploited by threat actors,” concludes Malik, urging technology companies to anticipate these possible scenarios.