Today there are so many different opinions about what the metaverse is and how to define it concretely. On the other hand, it is also complex to place it in the broader framework of the Internet. To summarize, it can be said that the metaverse is a kind of immersive space founded on Web3, where users can use avatars to socialize, work, buy, and participate in events and activities.
Over time that concept may deviate from the original idea, but what we do know for now is that so many companies are investing more and more in software and hardware development to capture a share of the market in this steadily rising sector.
Developers are very active in this regard, but with new technologies always come additional threats. So, it is vital to make sure that cybersecurity is fully embedded in the technological production related to the world of the metaverse.
However, it is not easy to identify cyber risks in a digital space that is not yet fully developed. By studying this innovative technology and the current cybercrime landscape, the company Trend Micro managed to define the various pitfalls and critical issues generated by the metaverse. Let's find out together what the dangers are from the so-called Darkverse and how you can protect yourself.
The Darkeverse and the alarm raised by Trend Micro
Money laundering, fraud, child exploitation, fake news, and cyber attacks are just some of the risks associated with the world of the web and the darkweb, often a receptacle for criminals looking for new victims to scam or illegal markets to exploit. The most dangerous evolution of this situation is the Darkverse, or the "dark" version in the metaverse.
In this regard, cybersecurity specialist Trend Micro published the article "Metaverse or MetaWorse? Cyber Security Threats Against the Internet of Experiences." in which they go on to analyze the Darkverse as a metaverse variant of the darkweb, within which cyberpirates can carry out illegal acts with impunity.
Infiltrating the underground and flooded markets of the Darkverse is virtually impossible without having the token of appropriate authentication. Given that users can only gain access if they are in a particular physical location, there is an additional layer of protection for closed criminal communities.
Fraud, financial fraud, NFT theft, ransomware and so on can then proliferate in the metaverse. By its very structure, the metaverse is a very fertile ground for cyebrcriminals who could theoretically compromise the spaces under management of critical infrastructure operators by launching extortion against enterprises and industrial systems.
At the same time, malicious people could prepare and test criminal actions in the metaverse and then replicate them in the real world. An even more troubling hypothesis concerns what may be called the "avatar assault."
In fact, hackers may decide to attack users' avatars with malware to learn their actions and cause physical harm. For example, strobe light effects in the viewer display could cause epilepsy or seizures.
The potential risks associated with the metaverse
The metaverse is constantly evolving technologically, but to take advantage of this new virtual space will not only be legal businesses, but also that whole submerged sea of cybercrime.
Hackers will soon begin migrating from the darkweb forums and communities to the more hidden folds of the metaverse. The article shared by Trend Micro sounded the alarm in a serious way, concretely highlighting possible threats from the darkverse that will likely become even more damaging than the darkweb.
This is because the Darkverse is not indexed by classic search engines and is able to build protected virtual spaces inaccessible to law enforcement. The NFT (Non Fungible Tokens) are already used to certify ownership of assets within the metaverse and for this very reason are vulnerable to ransomware, phishing and fraud of all kinds.
This means that if the data were encrypted in a ransomware attack, the user would remain the owner of the NFTs but would not be able to access his or her assets unless a ransom was paid. In addition, the artworks present in the metaverse could be faked, generating several, similar versions of the same work that allow for increased earnings through a sale at the price of the original.
Another aspect that should not be underestimated is that the metaverse will be a breeding ground for social engineering, fake news, and all forms of propaganda. In this virtual environment, criminals can exploit news events or biased narratives at will to target groups sensitive to certain issues.
Other pitfalls are related to the protection of the privacy that will need to be redefined as operators of spaces such as the metaverse will have greater visibility into users' activities. Online exposure, hate speech (hate speech and intolerance), and data theft are also serious dangers in new worlds that we still know too little about.
How to redefine the concept of security in the Darkverse?
Having established how treacherous and insidious the Darkverse can prove to be, it is necessary to understand how one can defend oneself from the risks generated by the metaverse that still remains a gray area From a legislative and judicial perspective.
Certainly people must act and behave conscientiously and conscientiously when moving through these virtual spaces. At this point one wonders how activities in the metaverse will be moderated, who should be responsible for them, and how copyright violations will be ascertained. Or how to help users understand whether they are interacting with a bot or a real person.
Another element to consider is the need to identify a mechanism to privacy protection preventing the metaverse from then being crushed by a few powerful big tech companies. Finally, it is important to understand how to overcome the high costs involved in intercepting crimes committed in the metaverse on a large scale and thus resolve the jurisdictional disputes.