Study Reveals Vulnerability in Meta’s Quest VR System: Hackers Can Spy on User Data and Manipulate Social Interactions

The latest study published by the MIT Technology Review has revealed a concerning vulnerability in Meta’s Quest VR system that could potentially allow hackers to spy on user data and manipulate social interactions. The researchers from the University of Chicago were able to inject malicious code into the Quest operating system through an application that creates a digital clone of the Quest home environment.

During the study, the researchers were able to hack 27 test subjects without their knowledge, monitoring their VR activity. The malicious code was activated when users exited an app and returned to the home screen, with only a few users noticing a slight delay that was dismissed as a simple lag. The researchers were able to see, record, and modify everything the subjects did with the headset, including tracking speech, gestures, keystrokes, and browser activity. They were even able to manipulate the content of messages sent to others.

The main vulnerability identified in the study is the Developer Mode of the VR headset, which allows for remote access via the user’s Wi-Fi network for debugging purposes. This means that potential hackers would need access to the user’s Wi-Fi network and the VR headset would have to be in developer mode to carry out such an attack.

Meta, the company behind the Quest VR system, has stated that they will review the researchers’ findings and an independent peer review is pending. This vulnerability in the Quest VR system is not the first of its kind, as computer specialists in the US were able to hack VR headsets back in 2018, stealing sensitive user data from PC VR headsets like Oculus Rift and HTC Vive.

As VR technology continues to advance, it is crucial for companies like Meta to prioritize user security and address vulnerabilities to protect user data and privacy. Stay tuned for more updates on this developing story.