Researchers from the University of New Haven released a video demonstrating how vulnerabilities that most programmers often underestimate could have allowed hackers to evade privacy and security of your virtual reality experience as well as the real world. The flaws in Bigscreen app literally allowed researchers to remotely hijack Bigscreen’s web infrastructure (that runs behind its desktop application) and perform multiple attack scenarios through a custom-designed command-and-control server. A different vulnerability in the Unity Engine Scripting API that researchers exploited in combination with the Bigscreen flaw, allowed them to even take complete control over VR users’ computers by secretly downloading and installing malware or running malicious commands.
Source: https://thehackernews.com/2019/02/bigscreen-vr-hacking.html