Researchers warn of darkverse emerging from the metaverse

Picture courtesy Trend MicroARN just reported: "The metaverse is seen by many companies as a great business opportunity and for new ways of working. Security provider Trend Micro, however, warns in a recent research report that cyber criminals could misuse the technology for their own purposes.

Security researchers predict that a kind of darknet structure could emerge there, similar to today's Internet. The machinations of the cyber gangsters could even take place in protected rooms that can only be reached from a specific physical location and via valid authentication tokens. This would make their underground marketplaces inaccessible to law enforcement agencies. In fact, it could be years before the police can operate effectively in the metaverse.

Likely metaverse threat scenarios

The researchers warn that the Darkverse could become a platform for cyber threats, including:

  • Attackers target non-fungible tokens (NFTs), an increasingly popular means of defining property in the metaverse, for phishingransomware, fraud, and other attacks.
  • Criminals use the metaverse to launder money using overpriced virtual real estate and NFTs.
  • Criminal and state actors create manipulative narratives that reach vulnerable and receptive groups. Social engineering, propaganda and fake news have profound implications in a cyber-physical world. 
  • Privacy is redefined. Operators of metaverse-like rooms have unprecedented insight into the actions of the users. Privacy as we know it no longer exists there.

"The metaverse is a multi-billion-dollar, high-tech vision that will define the next internet age. While we don't know exactly how it's shaping up, we already need to start thinking about how it might be exploited by threat actors and how we can build our own to protect society in a meaningful way." comments Udo Schneider, IoT security evangelist at Trend Micro.

"In view of the high costs and legal challenges, law enforcement agencies will have difficulties monitoring the metaverse in general in the first few years," Schneider is convinced. He demands: "The IT security industry must intervene now." Otherwise, "a new Wild West would develop on our digital front door."

This is a cross post with grateful acknowledgement to ARNNET.

Don’t get hacked by social media phishing attacks!

Many of your users are active on Facebook, LinkedIn, and Twitter. Cybercriminals use these platforms to scrape profile information of your users and organization to create targeted spear phishing campaigns in an attempt to hijack accounts, damage your organization's reputation, or gain access to your network.

KnowBe4’s Social Media Phishing Test is a complimentary IT security tool that helps you identify which users in your organization are vulnerable to these types of phishing attacks that could put your users and organization at risk.

SPT-monitorHere's how the Social Media Phishing Test works:

  • Immediately start your test with your choice of three social media phishing templates
  • Choose the corresponding landing page your users see after they click
  • Show users which red flags they missed or send them to a fake login page
  • Get a PDF emailed to you in 24 hours with your percentage of clicks and data entered

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe To Our Blog

Cybersecurity Awareness Month 2022 Free Resource Kit

Get the latest about social engineering

Subscribe to CyberheistNews