First Ransomware Infection on Meta Quest Device

A cybersecurity researcher has effectively installed ransomware on Meta Quest VR devices without enabling Developer Mode, thereby exposing a significant vulnerability.

By Marco Rizal - Editor, Journalist 2 Min Read
Share this post?
Share this post?

A cybersecurity researcher has effectively installed ransomware on Meta Quest VR devices without enabling Developer Mode, thereby exposing a significant vulnerability.

Meta Quest virtual reality (VR) devices have been susceptible to vulnerabilities in a recent experiment conducted by a cybersecurity expert, which has highlighted the potential security risks to users.

Harish, a security expert, published a LinkedIn post that demonstrated how malware could be installed on the device without Developer Mode being enabled.

To give more information, Developer Mode is a special setting on Android devices that grants users access to a wide range of experimental and advanced features.

If the malware is installed outside of developer mode with fewer permissions available to the device, this could mean that the malware is also capable of infecting regular computer users.

It was discovered that the Meta Quest, which operates on a highly restricted variant of the open-source Android Open Source Project (AOSP), is still susceptible to malware attacks.

MetaQuest CovidLocker
Credits: Harish Santhanalakshmi Ganesan

Therefore, the researcher viewed it as a challenge to install malware on the Meta Quest without enabling Developer Mode.

This resulted in the realization that the device's operating system enables the installation of APK files in a manner that is comparable to that of Android smartphones.

The researcher discovered a method on YouTube that exploited a popular app from Meta's App Lab, which granted access to the native Android file management.

He successfully installed a ransomware program known as Covidlocker on the Meta Quest by employing this approach.

This ransomware encrypts files on the device and requests a ransom to release them, illustrating the potential for attackers to deceive users into installing not only ransomware, but also other types of malicious software through social engineering techniques.

Leave a comment