Researchers have exposed a potentially major security vulnerability with Meta’s virtual reality headsets, according to a new study.
A team of researchers from the University of Chicago said figured out a way to hack into Meta Quest headsets without the user knowing, allowing them to control the user’s VR environment, steal information, and even manipulate interactions between users.
Researchers called the strategy an “inception attack,” which they defined as “an attack where the attacker controls and manipulates the user’s interaction with their VR environment, by trapping the user inside a single, malicious VR application that masquerades as the full VR system.”
The study comes as Meta CEO Mark Zuckerberg continues to dump on the Apple Vision Pro, his top competitor in the space. Last week, Zuckerberg said Apple’s VR headset was “worse in most ways.”
The study, which was first reported by the MIT Technology Review, has not yet been peer-reviewed.
In order to carry out the attack, the hackers had to be connected to the same WiFi network as the Quest user, according to the study. The headset also had to be in developer mode, which the researchers said many Meta Quest users keep enabled in order to get third-party apps, adjust resolution, and take screenshots.
From there the researchers were able to plant malware onto the headset, allowing them to install a phony home screen that looked identical to the user’s original screen, but that could be controlled by the researchers.
That duplicate home screen is essentially a simulation within a simulation.
“While the user thinks they are interacting normally with different VR applications, they are in fact interacting within a simulated world, where everything they see and hear has been intercepted, relayed, and possibly altered by the attacker,” the researchers wrote in the study.
Researchers created cloned versions of the Meta Quest Browser and VRChat app. Once the replica browser app was running, the researchers were able to spy on the users as they logged into sensitive accounts, like their bank or email.
They were able to not only see what the user was doing, but also manipulate what the user was seeing.
For instance, the researchers described a situation where a user is transferring money. While the user tries to transfer $1 to someone, the attacker is able to change the amount to $5 on the backend. Meanwhile, it still appears as $1 to the user, including on the confirmation screen, so the user is unaware of what’s happened.
To test the inception attack process with real people, researchers had 27 study participants interact with VR headsets while they carried out the attack. The study said only a third of users even noticed the glitch when their session was hijacked, and all but one user chalked it up to a normal performance issue.
Meta did not immediately respond to a request for comment from Business Insider, but a spokesperson told MIT Technology Review they would review the study, adding, “We constantly work with academic researchers as part of our bug bounty program and other initiatives.”