STE WILLIAMS

Crazy square barcodes can point your phone to MALWARE

Crazy square barcodes can point your phone to MALWARE

  • alert
  • print
  • comment
  • tweet

Help, help, I’m under attag

Free whitepaper – King’s College LondonUses IBM BNTRackSwitch for HPC

Russian VXers have begun using obnoxious barcode-on-steroids QR codes as a launchpad for mobile malware.

A recently identified malicious Quick Response code on a Russian website links through a series of redirections to a site punting a Trojan version of the Jimm mobile ICQ client. Android users who follow the links and install the application will be infected with a nasty that sends text messages to premium-rate SMS numbers, net security firm Kaspersky warns.

Tricking users into scanning QR codes, which can encode URLs into barcode-like squares, to lure them into installing malicious applications on smartphones is a new threat, dubbed “Attaging” (Attack Tagging). Technically speaking whether a user follows a link in a browser or follows a QR code to reach the same location is no different, apart from the fact users might be more trusting about a non-human-readable QR code than a conventional URL.

QR codes have recently appeared in online Android application catalogues. Smartphone users can read about an application on their PC before scanning a QR code using the camera on their Android device in order to download it. The approach gets around the need to type in a booby-trapped URL on a phone’s keyboard but also creates new security risks. ®

Free whitepaper – Fluid data technology earns top honors with the Alvarado ISD

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/10/03/qr_code_mobile_malware_risk/

Comments are closed.