In the virtual reality game Gorilla Tag, a clever exploit involving a free VPN called Big Mama VPN has been uncovered. Teenagers have used the VPN to cheat by creating a lag to more easily 'tag' other players. What makes Big Mama VPN particularly concerning is that it also sells access to users' internet connections, allowing others to disguise their online activities using the VR headset's IP address. This has been linked to cybercriminal activity and has placed the users’ privacy and security at risk. However, in this scenario, there does not appear to be any actual data breach or cyberattack directly impacting Meta's systems or its users' personal data.
Source: https://www.wired.com/story/residential-proxy-network-cybercrime-vpn/
TPRM report: https://scoringcyber.rankiteo.com/company/meta
"id": "met000122124",
"linkid": "meta",
"type": "Vulnerability",
"date": "12/2024",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"{'affected_entities': [{'industry': 'Gaming',
'name': 'Gorilla Tag',
'type': 'Virtual Reality Game'}],
'attack_vector': 'Free VPN usage for cheating and selling access to internet '
'connections',
'description': 'Teenagers used Big Mama VPN to cheat in the virtual reality '
"game Gorilla Tag by creating a lag to more easily 'tag' other "
"players. The VPN also sells access to users' internet "
'connections, which has been linked to cybercriminal activity, '
"placing users' privacy and security at risk.",
'impact': {'brand_reputation_impact': "Potential damage to Gorilla Tag's "
'reputation'},
'initial_access_broker': {'entry_point': 'Big Mama VPN'},
'motivation': 'Cheating in the game and financial gain from selling internet '
'access',
'threat_actor': 'Teenagers using Big Mama VPN',
'title': 'Big Mama VPN Exploit in Gorilla Tag',
'type': 'Exploit'}