VR headsets vulnerable to 'Inception attacks' — where hackers can mess with your sense of reality and steal your data

Popular VR headsets like the Meta Quest or Apple Vision Pro can be broken into, with hackers adding fake experiences called "inception layers" that let them manipulate how a user behaves.

Image manipulation of the Chicago skyline with mirror effect, creating a new dimension with the city connecting upside down by the skyscrapers.
Researchers found several possible routes of "inception attack" on VR headsets wearers.
(Image credit: Artur Debat/Getty Images)

Scientists have identified a vulnerability in virtual reality (VR) headsets that could let hackers access private information without the wearers' knowledge. 

A hacker can insert a new "layer" between the user and the device's normal image source. Hackers can then deploy a fake app in the VR headset that might trick the wearer into behaving in specific ways or giving up their data. This is known as an "Inception layer," referring to Chris Nolan's 2010 sci-fi thriller in which espionage agents infiltrate a target's mind and implant an idea the target assumes is their own. 

Latest Videos From

Drew is a freelance science and technology journalist with 20 years of experience. After growing up knowing he wanted to change the world, he realized it was easier to write about other people changing it instead. As an expert in science and technology for decades, he’s written everything from reviews of the latest smartphones to deep dives into data centers, cloud computing, security, AI, mixed reality and everything in between.