Metaverse is a hacker’s playground; cybercriminals set their eyes on virtual worlds, Experian reports

“Ready or not, the metaverse is here – and it is a hacker’s playground,” Experian wrote in the recently released 10th annual Data Breach Industry Forecast for 2023. 

As cybercriminals are also on the lookout for innovation, they are now targeting the metaverse. Hackers stole as much as $1.97 billion in cryptocurrency in the first half of 2022 alone. In 2023, they’re going after the metaverse.

VR and AR devices collect personal information and user data, which increases the risk of data breaches and potential attacks. The lack of regulations in the metaverse also adds risks for users.

Experian added that metaverse gadgets, such as VR headsets and AR glasses, gather information about users’ habits, preferences, and movements. The devices can also record the appearance of the user and how they sound. Thus, combining data with personally identifiable information increases the impact of potential hacks. “Avatars in the metaverse may not be the people they want you to think they are,” Experian warned users.

“Arkose Labs, an online account security and fraud prevention company, reported that in 2021, metaverse businesses faced 80% more bot attacks and 40% more human attacks than other businesses,”

the report stated.

NFTs are often a part of the metaverse economy and are also severely targeted by cybercriminals. Through selling fake NFTs or hacking NFT wallets, criminals can gain access to users’ funds and data. According to data by Elliptic, in one year, hackers stole $100 million worth of NFTs.

Experian warns individuals and businesses to proceed with caution in the metaverse and to remember that the safety rules of web 2.0 apply in the immersive virtual worlds of web 3.0.

AI-driven cybercrime will also be more common in 2023

AI is becoming more common in various industries, including healthcare and retail. As the use of technology grows, 2023 will experience an increase in AI cyberattacks too.

Artificial intelligence solves problems that usually require human intelligence; AI mimics the human brain and facilitates or takes over the work traditionally performed by humans. As much as technology improves daily operations, tech-savvy hackers are finding ways to create AI-driven cyberattacks.

Cybercriminals use AI to create realistic phishing emails and easy-to-believe audio or video files. Other ways to hack include “augmenting malware with AI to sneak around systems undetected.”

On the other hand, companies use AI to detect breaches and defend themselves from hacks. AI-based cybersecurity can “recognize patterns and trends in data that could indicate an attack.”

The deepfake technology “enabled a new social engineering attack.” The report also included that deepfakes will potentially cause global chaos. It might become difficult to differentiate “fake news” from reality; misinformation will become another war to fight in 2023.

“Organizations must remain vigilant and a step ahead of bad actors capable of weaponizing AI,”

Experian wrote.

The nascent virtual world will take time to reach the mainstream. However, Gartner forecasts that by 2026, 25% of people will spend at least an hour a day in the metaverse. While people and businesses will be figuring out how to work things out in the metaverse, cybercriminals will be looking for ways to exploit its vulnerabilities.