Hackers can see what you're doing in virtual reality via Big Brother malware
Want to learn more about the future of the video game industry? Join gaming executives to discuss emerging parts of the industry in October at GamesBeat Summit Next. Sign up today.
Hackers can see what you're doing in virtual reality thanks to malware called Big Brother. Well, sort of. There are 171 million people worldwide who use some kind of VR setup. Some of them use Android-based systems, like Meta's Oculus or HTC Vive.
These users are the ones at risk. ReasonLabs has identified a new attack vector that can remotely connect to Android-based VR devices and record the headset screen. Once the malware enters a user's computer, it waits until the user starts using a device with developer mode enabled.
As soon as the Big Brother malware recognizes a VR device, it quietly opens a TCP port. It then has the ability to remotely record the user's headset screen. It can record whenever the device is on the same Wi-Fi network as the infected computer.
The recordings can then be sent from the infected computer to the attacker, thanks to the open TCP port.
EventMetaBeat 2022
MetaBeat will bring together thought leaders from across the Metaverse to advise on how Metaverse technology will transform the way all industries communicate and do business on October 3-4 in San Francisco, CA.
> register hereIn this corner of the country, we view virtual reality as a gaming-related product. Which, of course, it is. But there are other industries that use VR setups for one reason or another. Healthcare, military, and manufacturers all use proprietary VR apps for training purposes. Installing these apps requires enabling developer mode.
Suddenly this malware isn't just spying, it's doing corporate espionage. That's a big deal.
But on the gaming side, it's not really safe either. Developer Mode must be enabled on devices in order to install unofficial games and apps. Same with pirated software.
If all you do with VR is play games, it might not be so bad. Users still need to protect themselves from it, but streamers make the same data available every day. However, it gets a bit risky when working on undisclosed VR projects. This may be information that you do not wish to disclose.
Or what about users who like to use apps like Virtual Desktop? A user logs into their email account, and now the attacker has an email address and the correct number of password characters. Accessing that email account is suddenly much easier.
The biggest problem, at least for the daily VR user? Big Brother sends the data, which uses data. Depending on how it sends the data, it can consume a lot of data in the process. If you're one of the unlucky people in the world with a data cap, you might quickly reach your monthly allowance.
It's not just a problem. This is a potentially costly problem.
GamesBeat's credo when covering the gaming industry is "where passion meets business". What does it mean? We want to tell you how much the news means to you, not only as a decision maker in a game studio, but also as a game fan. Whether you read our articles, listen to our podcasts, or watch our videos, GamesBeat will help you learn about and engage with the industry. Learn more about membership.
Want to learn more about the future of the video game industry? Join gaming executives to discuss emerging parts of the industry in October at GamesBeat Summit Next. Sign up today.
Hackers can see what you're doing in virtual reality thanks to malware called Big Brother. Well, sort of. There are 171 million people worldwide who use some kind of VR setup. Some of them use Android-based systems, like Meta's Oculus or HTC Vive.
These users are the ones at risk. ReasonLabs has identified a new attack vector that can remotely connect to Android-based VR devices and record the headset screen. Once the malware enters a user's computer, it waits until the user starts using a device with developer mode enabled.
As soon as the Big Brother malware recognizes a VR device, it quietly opens a TCP port. It then has the ability to remotely record the user's headset screen. It can record whenever the device is on the same Wi-Fi network as the infected computer.
The recordings can then be sent from the infected computer to the attacker, thanks to the open TCP port.
EventMetaBeat 2022
MetaBeat will bring together thought leaders from across the Metaverse to advise on how Metaverse technology will transform the way all industries communicate and do business on October 3-4 in San Francisco, CA.
> register hereIn this corner of the country, we view virtual reality as a gaming-related product. Which, of course, it is. But there are other industries that use VR setups for one reason or another. Healthcare, military, and manufacturers all use proprietary VR apps for training purposes. Installing these apps requires enabling developer mode.
Suddenly this malware isn't just spying, it's doing corporate espionage. That's a big deal.
But on the gaming side, it's not really safe either. Developer Mode must be enabled on devices in order to install unofficial games and apps. Same with pirated software.
If all you do with VR is play games, it might not be so bad. Users still need to protect themselves from it, but streamers make the same data available every day. However, it gets a bit risky when working on undisclosed VR projects. This may be information that you do not wish to disclose.
Or what about users who like to use apps like Virtual Desktop? A user logs into their email account, and now the attacker has an email address and the correct number of password characters. Accessing that email account is suddenly much easier.
The biggest problem, at least for the daily VR user? Big Brother sends the data, which uses data. Depending on how it sends the data, it can consume a lot of data in the process. If you're one of the unlucky people in the world with a data cap, you might quickly reach your monthly allowance.
It's not just a problem. This is a potentially costly problem.
GamesBeat's credo when covering the gaming industry is "where passion meets business". What does it mean? We want to tell you how much the news means to you, not only as a decision maker in a game studio, but also as a game fan. Whether you read our articles, listen to our podcasts, or watch our videos, GamesBeat will help you learn about and engage with the industry. Learn more about membership.
What's Your Reaction?
![Three of ID's top PR executives quit ad firm Powerhouse [EXCLUSIVE]](https://variety.com/wp-content/uploads/2023/02/ID-PR-Logo.jpg?#){kind=logo}
