Scientists at the University of Chicago have identified a potential vulnerability in virtual reality systems that could allow hackers to insert a so-called “seed layer” between a user’s home screen and the virtual reality server. They described their work and research results in a paper published on the pre-publication server arXiv.
Virtual reality systems allow users to interact in a virtual world where almost anything is possible. The team’s research presented a scenario in which hackers could add an application to a user’s virtual device that tricks users into acting in a way that could reveal sensitive information to hackers.
The idea behind the app is that it can add a layer between the user and the virtual world that the user normally sees when using their VR device. Such a layer, according to the researchers, could allow hackers to record information such as a password entered into a virtual ATM. It can also intercept and change information, such as the amount of cash intended for a purchase, and divert the difference to the hacker’s account.