Malware, ransomware attacks and phishing are not the only scourges of the crypto industry as the Metaverse could become a big target next year, according to cybersecurity experts.
In its “Consumer Cyberthreats: Predictions for 2023” report on Nov. 28, cybersecurity firm Kaspersky forewarned that there will be greater exploitation of the Metaverse due to lacking data protection and moderation rules.
Kaspersky acknowledged there are currently only a handful of metaverse platforms, but the number of metaverses is set to expand in the coming years and the market could even top $50 billion by 2026. That expansion will entice cyber criminals to the ecosystem seeking to exploit unwitting virtual world participants.
“As the metaverse experience is universal and does not obey regional data protection laws, such as GDPR, this might create complex conflicts between the requirements of the regulations regarding data breach notification.”
Social media is already a hotbed of data breach activity so it stands to reason that the Metaverse will be an extension of this. As reported by Cointelegraph earlier this year, Social media was responsible for more than $1 billion in crypto scam-related losses in 2021.
Kaspersky also predicted that virtual abuse and sexual assault will spill over into Metaverse ecosystems. It mentioned cases of “avatar rape and abuse” adding that without protection mechanisms or moderation rules “this scary trend is likely to follow us into 2023.”
Meta, the firm formerly known as Facebook, has already received a lot of pushback over its Metaverse ambitions due to the lack of user protection and privacy concerns on its social media platform.
The report predicted that in-game virtual currencies and valuable items will be one of the “prime goals” among cybercriminals who will seek to hijack player accounts or trick them into fraudulent deals to fork over valuable virtual assets. Most modern games have introduced some form of monetization or digital currency support which will become a honeypot for malicious actors.
Kaspersky noted that new forms of social media will also bring more risks. It specifically mentioned a shift to augmented reality-based social media, adding that cybercriminals can start “distributing fake trojanized applications” to infect devices for further malicious purposes.
Threats to new AR-based social media and metaverse platforms are primarily data and money theft, phishing, and account hacking, the report concluded.