Wednesday, June 19, 2024

QR Codes Popularity May Abused to Deliver Malware and Banking Heists

Nowadays the use of QR codes has increased swiftly, as we all know that the COVID-19 pandemic has brought many remarkable changes among peoples.

Because of this pandemic situation, people are using mobile quick-response (QR) codes in daily life, these QR codes are very handy for both work and personal use.

After the declaration of work from home, people started using all hand devices that will help them to connect to business-critical systems and applications.

However, a new report of Ivanti pronounced that they have carried a survey of 4157 users from all over the world like China, France, Germany, Japan, the U.K., and the U.S. 

QR codes – An Increasing Cybersecurity Threat

After conveying the survey, Ivanti came to know that there are 83% of users who have used the QR codes for the very first time. 

But users don’t know that the increase in the usage of QR codes will also open up many opportunities for different threat actors. And the threat actors might use those opportunities to steal corporate data, they can also infiltrate mobile devices with the help of QR codes.

However, the threat actors always try to find different occasions so that they can carry out their planned operations and eventually wreaking destruction on businesses.

Capabilities of Malicious QR Codes

The capabilities of malicious QR codes are mentioned below:-

  • These codes can add all malicious contacts to the contact list.
  • The codes directly connect the system device to the malicious network.
  • It also helps in initiating phone calls.
  • It also sends text messages.
  • With the help of malicious QR codes threat actors can drafts an email.
  • These codes can reveal the user’s locations. 
  • With the help of these malicious QR codes, hackers can make different payments.

How users could be putting themselves at risk?

  • 47% of users came to know that the QR codes can be open a URL.
  • On the other side, only 37% of users know that the QR code can download an app.
  • Only 22% of users know that these QR codes can also provide the physical location.
  • 39% of users were confident and asserted that they know about the malicious QR codes, and identify them.
  • While 49% of users were confused that they either do not have or don’t know if they have security tools installed on their devices.

Prevent QR Code Cyberattacks

After knowing all the details regarding the QR codes, Ivanti claimed that there are some preventions that will help the users to keep alerted and safe from malicious QR codes or QR cyberattacks. 

Here are the preventions mentioned below:-

  • After scanning a QR code, if any users get a notification to put any password or information, then it’s a suspicious code.
  • Remember to check before scanning any random QR codes.
  • Avoid QR codes that were received through emails, one can scan the code if it is legitimate.
  • Avoid scanning a QR code if it is reprinted on a label and implemented above another QR code.

All these QR code threats are increasing day by day, and such opportunities will undoubtedly be used more and more by the attackers to infiltrate devices and steal many corporate data from the devices.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity, and hacking news updates.


Latest articles

Amtrak Data Breach: Hackers Accessed User’s Email Address

Amtrak notified its customers regarding a significant security breach involving its Amtrak Guest Rewards...

Chrome Security Update – Patch for 6 Vulnerabilities

Google has announced a new update for the Chrome browser, rolling out version 126.0.6478.114/115...

Hackers Weaponize Windows Installer (MSI) Files to Deliver Malware

Cybersecurity researchers have uncovered a sophisticated malware campaign orchestrated by a threat actor group,...

Hackers Using VPNs To Exploit Restrictions & Steal Mobile Data

Hackers are offering "free" mobile data access on Telegram channels by exploiting loopholes in...

New PhaaS Platform Lets Attackers Bypass Two-Factor Authentication

Several phishing campaign kits have been used widely by threat actors in the past....

Stuxnet, The Malware That Propagates To Air-Gapped Networks

Stuxnet, a complex worm discovered in 2010, targeted Supervisory Control and Data Acquisition (SCADA)...

Threat Actors Claiming Breach of AMD Source Code on Hacking Forums

A threat actor named " IntelBroker " claims to have breached AMD in June...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles