Metaverse exploitation and abuse to rise in 2023: Kaspersky

Published at: Nov. 30, 2022

Malware, ransomware attacks and phishing are not the only scourges of the crypto industry as the Metaverse could become a big target next year, according to cybersecurity experts.

In its “Consumer Cyberthreats: Predictions for 2023” report on Nov. 28, cybersecurity firm Kaspersky forewarned that there will be greater exploitation of the Metaverse due to lacking data protection and moderation rules.

Kaspersky acknowledged there are currently only a handful of metaverse platforms, but the number of metaverses is set to expand in the coming years and the market could even top $50 billion by 2026. That expansion will entice cyber criminals to the ecosystem seeking to exploit unwitting virtual world participants.

“As the metaverse experience is universal and does not obey regional data protection laws, such as GDPR, this might create complex conflicts between the requirements of the regulations regarding data breach notification.”

Social media is already a hotbed of data breach activity so it stands to reason that the Metaverse will be an extension of this. As reported by Cointelegraph earlier this year, Social media was responsible for more than $1 billion in crypto scam-related losses in 2021.

Kaspersky also predicted that virtual abuse and sexual assault will spill over into Metaverse ecosystems. It mentioned cases of “avatar rape and abuse” adding that without protection mechanisms or moderation rules “this scary trend is likely to follow us into 2023.”

Meta, the firm formerly known as Facebook, has already received a lot of pushback over its Metaverse ambitions due to the lack of user protection and privacy concerns on its social media platform.

The report predicted that in-game virtual currencies and valuable items will be one of the “prime goals” among cybercriminals who will seek to hijack player accounts or trick them into fraudulent deals to fork over valuable virtual assets. Most modern games have introduced some form of monetization or digital currency support which will become a honeypot for malicious actors.

Related: The Metaverse is a new frontier for earning passive income

Kaspersky noted that new forms of social media will also bring more risks. It specifically mentioned a shift to augmented reality-based social media, adding that cybercriminals can start “distributing fake trojanized applications” to infect devices for further malicious purposes.

Threats to new AR-based social media and metaverse platforms are primarily data and money theft, phishing, and account hacking, the report concluded.

Tags
Related Posts
Nifty News: Fake Pokémon NFT game spreads malware, ‘Jai Ho’ singer to launch metaverse and more
Hackers hide malware in fake NFT game A phishing website purporting to offer a Pokémon-branded nonfungible token (NFT) card game has been spreading malware to unsuspecting gamers, a cybersecurity firm has warned. The website, which at the time of writing was still online, also claims to offer an NFT marketplace, with a link to buy tokens and even an area to stake NFTs all based on the popular Japanese media franchise. However, an arm of the South Korean cybersecurity firm AhnLab, warned the public about website on Jan. 6, noting that instead of downloading the game, users were actually downloading …
Music / Jan. 9, 2023
13 apps removed after researchers uncover Trojan crypto wallet scheme
Research by cyber security firm ESET has uncovered a “sophisticated scheme” that disseminates Trojan apps disguised as popular cryptocurrency wallets. The malicious scheme targets mobile devices using Android or Apple (iOS) operating systems which become compromised if the user downloads a fake app. According to ESET's research, these malicious apps are distributed through bogus websites, and imitate legitimate crypto wallets, including MetaMask, Coinbase, Trust Wallet, TokenPocket, Bitpie, imToken, and OneKey. The firm also discovered 13 malicious apps impersonating the Jaxx Liberty wallet, available on the Google Play Store. Google has since removed the offending apps, which were installed more than …
Adoption / March 30, 2022
Bored Ape Yacht Club NFTs stolen in Instagram phishing attack
As told by Bored Ape Yacht Club (BAYC) developers on Monday, hackers breached the popular nonfungible token (NFT) collection’s official Instagram page and shared links to a fake airdrop with the project’s followers. Crypto enthusiasts who connected their MetaMask wallets to the scam website were subsequently drained of their Ape NFTs. It appears that the attack was planned to coincide with the one-year anniversary of the launch of the BAYC collection, thus increasing the “perceived credibility” of the phishing link. Unconfirmed reports on social media indicate that approximately 100 NFTs were stolen during the phishing attack. Based on data from …
Adoption / April 25, 2022
Metallica issues crypto scam alert before the 72 Seasons album launch
It’s quite evident that bad actors have left no stone unturned as legendary metal band Metallica warned fans against crypto giveaway scams right before their highly anticipated launch of its new album, 72 Seasons. Cashing in on the buzz around Metallica’s new album launch and upcoming tour, scammers have started targeting metalheads through social media impersonation. Metallica, however, was quick to point out “the ugly side of social media,” asking fans to steer away from Metallica Crypto giveaways, stating: “Let’s be as clear as possible. [Metallica crypto giveaways] are scams.” Sad but true, Cointelegraph recently highlighted a rise in front-running …
Adoption / Dec. 6, 2022
Binance launches anti-scam campaign after Hong Kong pilot run
Binance, in cooperation with law enforcement agencies, is launching a campaign to prevent scams by issuing targeted alerts to potential victims, according to a March 3 blog post from the company. The project, called the “joint anti-scam campaign” was rolled out first in Hong Kong, and the company now intends to expand it into other jurisdictions. Keeping our ecosystem and the #Binance community safe is at the core of what we do. Which is why we partnered with law enforcement agencies across the globe to launch the Joint Anti-Scam Campaign. Read on to see what it's all about ⤵️ https://t.co/q9LOtuZm2F …
Adoption / March 3, 2023