Recapitulation Overview of Cybercriminality in the Metaverse

The metaverse as a virtual space is spreading in all directions, reinforced by technological innovations in networks as virtual spaces, transactions, and communication. The metaverse as a new space offers both opportunities and disadvantages to its users. Apart from its opportunities and benefits, the Metaverse encourages, thanks to its potential for discretion, anonymity, decentralization, etc., malice and the risks of multifaceted cybercrimes.. For this reason, we have dedicated this study to examining the multiple vulnerabilities, traditional and innovative funding methods used by cybercriminals to achieve their objectives and disrupt society. We also dedicate part of this work to the study and analysis of the new roles of AI, in these manipulation processes and how it contributes to the completion of harmful activities in the Metaverse. We will follow a specific framework, with the synthesis of previous study results to conduct a precise and comprehensive analysis of cybercrime in the Metaverse being our main objective, alongside drawing the attention of local researchers and experts in the field to these still ignored and less studied issues and challenges.

1. A description of the typology of cybercrimes in the Metaverse

We observed during our analysis of the Metaverse that it still retains some forms of cybercrime while developing new forms and challenges. Fraud, identity theft, phishing, social engineering attacks, are classic forms of cybercrime, but they are even more prevalent in the Metaverse. However, thanks to the potentials of the virtual world, they have developed and become new capabilities of cybercrime according to Hadziselimovic (2022). The decentralized nature and the near-complete discretion of criminals in this space, leveraging the potentials of virtuality, immersion, availability, and ease of use, can serve the objectives of cybercriminals to use personal data, biometric data, private life information, collected, circulated, and stored in the Metaverse, etc., for complex and unprecedented criminal activities (Benrimoh et al., 2022). Coupled with the absence of effective and harmful alert and combat mechanisms against ordinary cybercrime, this risks methodically amplifying the vulnerabilities and threats carried over to the Metaverse, against users (Andrejevic, 2022).

2. Attempts to limit the motivations and actors of cybercrime in the Metaverse

We cannot delineate the backgrounds and specify the intentions behind cybercrime in the virtual space. Financial gain, moral or psychological satisfaction, revenge or harm to the reputations of public or private figures, disruption of societal security, destruction of services and alteration of systems, etc. Therefore, this varies according to personal, societal, environmental, political, ideological intentions, etc., determining not only the type of attack but also defining the impacts and effects (Park et al., 2023). We have observed that in the virtual space, groups of hackers and criminals are often present, equipped with their sophisticated tools and technical means for fraud and manipulation, they succeed in the future in effectively disrupting such a nascent space like the Metaverse (Hadziselimovic, 2023). We also add that the cyber threat cannot only be of a criminal nature. Given that we have pointed fingers at the political and ideological backgrounds behind certain cyber threats, this means that we can see cyber threats in the Metaverse that conspire with state intelligence services to carry out espionage or disinformation activities (Andrejevis, 2022).

3. Financing methods for cybercrime in the Metaverse.

Financing cybercrime is a complicated process that involves several stages and encompasses various forms and modalities. Since criminal groups in the Metaverse are making unprecedented innovations in inventing methods to bypass control instruments and surveillance mechanisms. Money laundering is currently one of the few methods that international security services can intercept and stop. Transactions involving virtual currency (NFTs), arrangements on assets and virtual real estate, for example, allow for easy transactions without triggering inter-state mechanisms of financial surveillance and control, despite being illicit methods of money laundering from a legal standpoint (Benrimoh et al., 2022). Criminals, through these methods and several others, can disguise and legitimize their illegal activities in the Metaverse, making their financial gains from money laundering and illicit trade completely legal (Park et al., 2023).

In addition to what has been mentioned above, cryptocurrencies are breaking records and crowning cybercriminal activities in the Metaverse. And despite the promises of professionals and cybersecurity experts and advocates of blockchain transparency and transaction traceability and large fund transfers in the Metaverse, criminals still manage to bypass security mechanisms and controls and conceal the origins of their funds. (Li et al., 2023). The element of anonymity and the absence of user identity requirements is a determining factor for several virtual platforms, which is used in other ways to conceal the identity of criminals wanting to commit illegal acts in the Metaverse (Andrejevic, 2022).

4. Some designations of security threats

Criminal cunning is also present in the Metaverse, and criminals, with the help of sophisticated tools and technical means, always manage to achieve most of their goals and interests. Criminals often exploit, alongside the potentials offered by the Metaverse and their technological means, the naivety and ignorance of users regarding the challenges and issues of cybersecurity in the Metaverse. For example, criminals in the Metaverse can extract sensitive information from users by deceiving them into thinking they are other people they know, leading them to disclose critical data or spread harmful information to individuals. (Hadziselimovic, 2023).

Artificial intelligence (AI) technologies are currently being used to carry out these illicit tasks by cybercriminals. Experts and professionals are increasingly debating the benefits of AI in the field of cybersecurity and how the guidelines and directives of this technology have managed to fill glaring gaps in cybersecurity. But, they are unaware of how this technology has also contributed to the completion of cybercriminal activities and the strengthening of their illegal processes. AI has indeed contributed to the improvement of phishing activities, the refinement of identity falsification, precision in analyzing computer vulnerabilities, etc., and consequently facilitated access for potential criminals in the Metaverse (Benrimoh et al., 2022). The coupling between the potentials of AI, criminal cunning, and the promises of blockchain has achieved enormous gains for criminal groups by facilitating money laundering activities, transactions of dirty funds, or even activities far beyond the particular profile to more serious and dangerous implications. (Li et al., 2023).

5. Insufficiencies and gaps in virtual literature & moroccan cyberstrategy

As Park (2023) confirms, the Metaverse has been the subject of numerous specific studies and explorations that contain the particularities of their authors and contributors, who seek to address the security requirements and dangers of crime against human society imposed by this emerging technology, but in most cases within a national context. Nevertheless, these research attempts may still fall short of expectations aimed at deeply understanding the challenges posed by the Metaverse in order to adapt and fight effectively, especially when it is known that the latter transcends border frameworks and local legal standards. And according to this analytical trajectory, Morocco’s cyber strategy, especially after its renewal through the 2030 ambition project, constitutes a significant advancement in terms of consolidating the frameworks, devices, mechanisms, indices, and instruments of national cybersecurity, as well as in the development projects for national technological infrastructures (National Cyberstrategy, 2030). But, according to experts, it is still far from adopting specific measures for the regulation and administration of the Metaverse. The efforts of Morocco’s national cyber strategy do not yet give specific and exclusive importance to the challenges posed by virtual environments against security and social stability.

In the same vein, we noted the absence of a specific effort dedicated to the study and research on Metaverse issues at the national level. This does not only result from the objective circumstances related to the general situation of research on cybercrime in virtual spaces. Nevertheless, we see that this reality is the main cause of the transcendence and continuous transformation of these virtual spaces, which makes it difficult to adapt research and study results to the continuous and innovative movement and change of this emerging technology. So, the development of frameworks for preventing and anticipating cybercrime within the Metaverse seems like a complex mission, even for states and international security organizations (Interpol, 2022). The implementation of cooperation and collaboration policies and the improvement of management frameworks in the fight against innovative cybercrime in virtual spaces is also complicated, as states and intergovernmental organizations dedicated to finding responses to cross-border cybercrime are still in disagreement with states on several issues of competencies and interventions (Europole, 2055).

Efforts for public awareness and education are also limited, despite Morocco’s involvement in several local and international processes and initiatives to raise public awareness about the risks in the Metaverse and cyberspace in general. Nevertheless, due to the fact that the Metaverse continues to propagate and share dangers and challenges of multiple and different natures. This requires the continuous updating of our combat strategies and prevention plans in order to secure virtual assets, legalize transactions, combat fraud, control transfers, and monitor suspicious activities in the Metaverse (Zaanoon, 2023).

REFERECES

Andrejevic, M. (2022). Meta-Surveillance in the Digital Enclosure. Surveillance & Society, 20(4), 390–396. https://doi.org/10.24908/ss.v20i4.16008

Benrimoh, D., Chheda, F. D., & Margolese, H. C. (2022). The Best Predictor of the Future—the Metaverse, Mental Health, and Lessons Learned From Current Technologies. JMIR Mental Health, 9(10), e40410. https://doi.org/10.2196/40410

Park, H., et al. (2023). Towards a Metaverse Workspace: Opportunities, Challenges, and Design Implications. Journal of Virtual Reality and Digital Collaboration. http://dx.doi.org/10.1145/3544548.3581306

Interpol. (2022). ” Interpol technology assessment report on metaverse.” https://www.interpol.int/content/download/18440/file/INTERPOL%20Tech%20Assessment-%20Metaverse.pdf