Tuesday, November 26, 2024
HomeMalwareQR Codes Popularity May Abused to Deliver Malware and Banking Heists

QR Codes Popularity May Abused to Deliver Malware and Banking Heists

Published on

Nowadays the use of QR codes has increased swiftly, as we all know that the COVID-19 pandemic has brought many remarkable changes among peoples.

Because of this pandemic situation, people are using mobile quick-response (QR) codes in daily life, these QR codes are very handy for both work and personal use.

After the declaration of work from home, people started using all hand devices that will help them to connect to business-critical systems and applications.

- Advertisement - SIEM as a Service

However, a new report of Ivanti pronounced that they have carried a survey of 4157 users from all over the world like China, France, Germany, Japan, the U.K., and the U.S. 

QR codes – An Increasing Cybersecurity Threat

After conveying the survey, Ivanti came to know that there are 83% of users who have used the QR codes for the very first time. 

But users don’t know that the increase in the usage of QR codes will also open up many opportunities for different threat actors. And the threat actors might use those opportunities to steal corporate data, they can also infiltrate mobile devices with the help of QR codes.

However, the threat actors always try to find different occasions so that they can carry out their planned operations and eventually wreaking destruction on businesses.

Capabilities of Malicious QR Codes

The capabilities of malicious QR codes are mentioned below:-

  • These codes can add all malicious contacts to the contact list.
  • The codes directly connect the system device to the malicious network.
  • It also helps in initiating phone calls.
  • It also sends text messages.
  • With the help of malicious QR codes threat actors can drafts an email.
  • These codes can reveal the user’s locations. 
  • With the help of these malicious QR codes, hackers can make different payments.

How users could be putting themselves at risk?

  • 47% of users came to know that the QR codes can be open a URL.
  • On the other side, only 37% of users know that the QR code can download an app.
  • Only 22% of users know that these QR codes can also provide the physical location.
  • 39% of users were confident and asserted that they know about the malicious QR codes, and identify them.
  • While 49% of users were confused that they either do not have or don’t know if they have security tools installed on their devices.

Prevent QR Code Cyberattacks

After knowing all the details regarding the QR codes, Ivanti claimed that there are some preventions that will help the users to keep alerted and safe from malicious QR codes or QR cyberattacks. 

Here are the preventions mentioned below:-

  • After scanning a QR code, if any users get a notification to put any password or information, then it’s a suspicious code.
  • Remember to check before scanning any random QR codes.
  • Avoid QR codes that were received through emails, one can scan the code if it is legitimate.
  • Avoid scanning a QR code if it is reprinted on a label and implemented above another QR code.

All these QR code threats are increasing day by day, and such opportunities will undoubtedly be used more and more by the attackers to infiltrate devices and steal many corporate data from the devices.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity, and hacking news updates.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

IBM Workload Scheduler Vulnerability Stores User Credentials in Plain Text

IBM has issued a security bulletin warning customers about a vulnerability in its Workload...

Multiple Flaws With Android & Google Pixel Devices Let Attackers Elevate Privileges

Several high-severity vulnerabilities have been identified in Android and Google Pixel devices, exposing millions...

Threat Actors Exploit Google Docs And Weebly Services For Malware Attacks

Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting...

Python NodeStealer: Targeting Facebook Business Accounts to Harvest Login Credentials

The Python-based NodeStealer, a sophisticated info-stealer, has evolved to target new information and employ...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Threat Actors Exploit Google Docs And Weebly Services For Malware Attacks

Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting...

Python NodeStealer: Targeting Facebook Business Accounts to Harvest Login Credentials

The Python-based NodeStealer, a sophisticated info-stealer, has evolved to target new information and employ...

Russian TAG-110 Hacked 60+ Users With HTML Loaded & Python Backdoor

The Russian threat group TAG-110, linked to BlueDelta (APT28), is actively targeting organizations in...