HTC Vive VR and Oculus Rift, two of the most popular virtual reality headsets, have been found to be vulnerable to hackers. According to a recent paper published by researchers from the University of New Haven in Connecticut, these VR headsets have a vulnerability that can be exploited by hackers to cause physical harm to its users.
The research revolves around OpenVR, an open-source software development kit created by Valve Software, the company behind Steam and supported by both HTC Vive and Oculus Rift headsets, the tethered PC-based virtual reality headsets. The concept of exploit here is that hackers with access to a compromised PC could exploit the vulnerability, and alter the space that acts as boundary for VR devices.
Before we get to the nitty gritty of this vulnerability, it is important to relearn how these VR devices work. In the case of HTC Vive and Oculus Rift, there is no way to see the physical surrounding once you strap the headset to your head. The setup process involves defining the area where you will move in the real world and this space acts as virtual boundary in the VR environment. This particular area is defined in the form of grid that appears whenever you get too close to that area.
This particular area can be anything, a wall or a couch around the area where you will be playing with the VR headset. Now, when the headset is connected to a compromised PC, the hackers can alter this particular space. There is a chance that they could get users of VR headsets to bump into a wall or trip over a staircase since the area has been altered. Another probability is that you could end up getting too close to a couch, defined as a boundary previously and end up swinging the controller in that direction. In retrospect, this could end up hurting someone seated in that couch.
The researchers at University of New Haven tested the vulnerability by sending the malware via an email to a targeted PC. Technically, the built-in protection at the operating system level and third-party antivirus have the potential to block this malware but the experiment demonstrates what happens when the OS-level detection fails.
“It was created with little security in mind, and they’re completely relying on the security of the operating system and the user,” says Ibrahim Baggili, director of the university’s Cyber Forensics Research and Education Group.
Watch: Samsung Galaxy S9+ Video Review
The researchers note that the software powering the Oculus Rift and HTC Vive failed to detect the malware, and allowed it to infiltrate the OpenVR software. The cracked OpenVR software, not only allowed the researchers to change the boundary but also everything seen through the headsets. The researchers note that there is more to this issue than just the crack around OpenVR.
They note that there are two authorization files hidden in the Steam folder that could be exploited to bypass two-factor authentication. Other files include the person’s name, port details, IP addresses and data associated with specific apps. It also includes accessible “artifacts” associated with a number of applications.
While HTC and Valve Software declined to comment on the new finding, Oculus says all the experiences within Rift are delivered through Oculus Store that does not rely on OpenVR. The researchers will reveal full findings during the 39th annual Institute of Electrical and Electronics Engineers Symposium on Security and Privacy in May.