Since QuickResponse (QR) codes are becoming more popular and widespread, allowing smartphone owners to quickly scan them to find out more information on a certain product, cybercriminals noticed this and began placing malicious ones in strategic locations with the purpose of spreading viruses and other pieces of malware.
The guys at Bullguard issued an advisory
in which they give out some great tips on how to protect a mobile phone and digital assets from ill-intended QR codes.
Websites, magazines, supermarket products and even advertisement posters contain QR codes, which makes it fairly easy for anyone to fall into a trap cleverly set up by crooks.
Not long ago, we’ve seen how easy it is to encrypt the address of a malicious domain
into such a matrix barcode.
The malware embedded on these domains is usually designed to steal calendar data, contacts, passwords, bank account details, SMSs and even track locations.
The best thing you can do to protect a device and your information is to use a QR code-scanning application that lets you preview URLs. If the links are shortened, look suspicious or they have nothing to do with the product you’re scanning, don’t open the location.
Stickers placed in random places such as walls, buss stations, or billboards are very dangerous since they’re designed to raise the curiosity of people who walk by.
Phones that run an Android operating system are especially targeted since hackers will study its sourcecode trying to find weaknesses they can easily exploit.
This is the why most malicious apps transmitted via QR codes are designed for Android devices.
Finally, a security solution designed for mobile machines is highly recommended since in most cases, if they’re updated, they are capable of detecting and neutralizing any threat that may be hiding behind an innocent looking barcode.