Cisco Talos Analysis – Vulnerabilities in the Metaverse

In the so-called Metaverse, or Web 3.0, a lot is supposed to change. What stays the same: cybercriminals will try to do harm here too. This is shown by analyses from Talos, the cybersecurity branch of Cisco. […]


The Internet as we know it is evolving. How durable this proves remains to be seen. In any case, the so-called Web 3.0, with blockchain, cryptocurrencies and decentralized data storage, will provide the technical basis for the Metaverse, a new 3D virtual space for digital encounters and for commercial as well as electronic exchanges. More and more users are already experimenting with NFTs (non-fungible tokens) or cryptocurrencies.

While the coming upheaval will be significant, one thing seems certain: the Metaverse will also be teeming with hackers, phishers, and scammers. Cisco Talos, the networking giant’s ICT security arm, analyzed the specific dangers that lie in wait for Web 3.0 and examined the new virtual space for its weaknesses.

Conclusion: The Metaverse brings new technologies, but also old problems.

Web 3.0: playground for cybercriminals

The promise of Web 3.0 makes it attractive to cybercriminals as well. They rely on well-known social engineering and phishing techniques, but completely new attack vectors are also emerging around the Metaverse.

“Most cybercriminals are financially motivated. The Metaverse provides them with a vast, unregulated playground in which to steal their cryptocurrency and NFTs from unsuspecting users – assets that are nearly impossible to recover if stolen,” said Jaeson Schultz, CTO from Cisco’s Talos Security Intelligence & Research Group, in a recent blog post.

He also gives advice on how to better protect yourself in Web 3.0. Specifically, Cisco Talos lists the following security risks:

  • ENS DNS domains for cryptocurrency wallets. The chosen ENS (Ethereum Name Service) name can break anonymity and reveal the identity of the owner of the virtual wallet address. ENS names such as “DebbieSmith.eth” often appear on Twitter profiles, which makes it possible to determine that person’s wallet balance and attracts cybercriminals. 3.8% of .eth addresses found by Talos contained more than $100,000 in Ethereum, while 9% of addresses contained more than $30,000.
  • Social engineering attacks, especially via social networks, where users are lured into acting without thinking. This works particularly well with new technologies that users are not yet very familiar with. Examples include wallet cloning, MetaMask support scams and attacks on “whale” accounts holding large amounts of cryptocurrency.
  • Malicious smart contracts. Attackers write their own malware, which resides on the blockchain in the form of malicious smart contract code. Examples include “sleepminting” (faking the origin of an NFT) and attackers tricking users into providing access to their wallets without handing over the digital asset.
  • Active attacks on recovery phrases (recovery word lists) and deliberate spying on wallet seed phrases.

The security issues mentioned here are probably just the beginning. “Cisco Talos predicts that as Web 3.0 and the Metaverse mature, interest from cybercriminals will also increase. This will increase both the volume of attacks and their sophistication,” summarizes Schultz.

*Jens Stark is an author at COM!professional.
