QR Codes- Leading Lambs to the Slaughter

Dermot7 · Jan 6, 2012

In the simplest of terms a QR code (or Quick Response code) is a two dimensional barcode that can contain up to 4,296 alphanumeric characters. A great marketing tool, QR codes drive prospective customers to a website and interestingly, they can be placed virtually anywhere. Their popularity has of course exploded – one recent study showed that in June of 2011 over 14 million Americans scanned QR Codes with their mobile phone.
Click to expand...

: http://blog.lumension.com/4100/qr-codes-–-leading-lambs-to-the-slaughter/

siljaline · Jan 6, 2012

Thanks for this ~ QR Codes and the inherent risks

Malicious QR codes combined with a permissive reader can put a computer's contents and user's privacy at risk. They are easily created and may be affixed over legitimate QR codes. On a smartphone, the reader's many permissions may allow use of the camera, full internet access, read/write contact data, GPS, read browser history, read/write local storage, and global system changes.

Risks include linking to dangerous websites with browser exploits, enabling the microphone/camera/GPS and then streaming those feeds to a remote server, analysis of sensitive data (passwords, files, contacts, transactions), and sending email/SMS/IM messages or DDOS packets as part of a botnet, corrupting privacy settings, stealing identity, and even containing malicious logic themselves such as JavaScript or a virus. These actions may occur in the background while the user only sees the reader opening a seemingly harmless webpage.
Click to expand...

LockBox · Jan 6, 2012

Good information. Call me stupid, but I had never really thought through the security/privacy implications of the whole QR code thing. I have read several places that despite some of the figures thrown around, it's really not catching on anyway. But, it's very good to think about these things. Thanks for posting.

siljaline · Jan 7, 2012

Cited elsewhere on the Forum: Malware in a barcode or QR code.

Regards,

LockBox said:

Good information. Call me stupid, but I had never really thought through the security/privacy implications of the whole QR code thing. I have read several places that despite some of the figures thrown around, it's really not catching on anyway. But, it's very good to think about these things. Thanks for posting.
Click to expand...

axial · Jan 9, 2012

Has anybody seen e-mail spam with a URL link to "mobileqrcodes dot us"? Googling that domain doesn't seem as if it's really a legit hosting provider.

The text of the suspicious e-mail is ** exceptionally ** sophisticated (very, very impressive, actually), only 2 very slight grammatical mistakes and 1 typo. The content of the mail is 99% above suspicion but there are some contextual oddities about it, aside from that weird URL, that rings not legit.

If anyone would recommend a researcher who is investigating spam+QR codes I'd consider submitting it for analysis.

siljaline · Jan 10, 2012

The folks cited here may be interested in your input.

axial said:

Has anybody seen e-mail spam with a URL link to "mobileqrcodes dot us"? Googling that domain doesn't seem as if it's really a legit hosting provider.

The text of the suspicious e-mail is ** exceptionally ** sophisticated (very, very impressive, actually), only 2 very slight grammatical mistakes and 1 typo. The content of the mail is 99% above suspicion but there are some contextual oddities about it, aside from that weird URL, that rings not legit.

If anyone would recommend a researcher who is investigating spam+QR codes I'd consider submitting it for analysis.
Click to expand...

axial · Jan 10, 2012

Thx, siljaline, will follow up.

siljaline · Jan 10, 2012

You're welcome, will keep an eye on your post.

Regards,

axial said:

Thx, siljaline, will follow up.
Click to expand...

Dermot7 · Jan 11, 2012

"Researchers spot pharmaceutical spam campaign using QR Codes" : http://www.zdnet.com/blog/security/...maceutical-spam-campaign-using-qr-codes/10023

Spammers are no strangers to new technologies, and as true marketers, would do everything to achieve the objectives of their marketing campaign.

Security researchers from WebSense, have detected a spam campaign using QR codes. Scanning the QR code with a QR reader will load the pharmaceutical spam URL in the browser.
Click to expand...

axial · Jan 11, 2012

Unfortunately I'm having a problem finding a way to contact Marcin or MB except through support, and as this isn't explicitly an MB issue, a not-quite-MB support contact might get lost in the works.

siljaline said:

The folks cited here may be interested in your input.
Click to expand...

Rmus · Jan 11, 2012

axial said:

The text of the suspicious e-mail is ** exceptionally ** sophisticated (very, very impressive, actually),
Click to expand...

I don't see this as much of a threat here, since "suspicious emails" go to the trash!

More difficult to deal with:

Hackers using QR codes to push Android malware
http://www.zdnet.com/blog/security/hackers-using-qr-codes-to-push-android-malware/9522

According to security researchers at Kaspersky Lab (important disclosure: my employer), hackers are are using QR codes posted on web sites to redirect smart phones to other sites hosting an Android trojan.
Click to expand...

but from siljaline's link:

Malware in a Barcode
http://www.kleczynski.com/blog/2011/12/malware-in-a-barcode/

Many readers allow you to view content of the qr prior to popping off to the embedded url.
Click to expand...

That's what I would do if I had a smart phone.

Having that type of check is similar to previewing a shortened URL before clicking, it seems to me...

----
rich

Dermot7 · Mar 28, 2012

Today we see QR codes appearing in magazine advertisements and articles, on signs and billboards; anywhere a mobile marketer wants to allow information to be captured, whether in print or in public spaces, and facilitate digital interaction. Pretty much anyone can create a QR codes.

Unfortunately, that’s where the cybercriminals come in. While QR codes make it easy to connect with legitimate online properties, they also make it easy for hackers to distribute malware.
Click to expand...

http://www.infosecisland.com/blogview/20814-How-QR-Codes-Can-Deliver-Malware.html

Log in or Sign up

QR Codes- Leading Lambs to the Slaughter

Dermot7 Registered Member

siljaline Registered Member

LockBox Registered Member

siljaline Registered Member

axial Registered Member

siljaline Registered Member

axial Registered Member

siljaline Registered Member

Dermot7 Registered Member

axial Registered Member

Rmus Exploit Analyst

Dermot7 Registered Member

Log in or Sign up

QR Codes- Leading Lambs to the Slaughter

Dermot7 Registered Member

siljaline Registered Member

LockBox Registered Member

siljaline Registered Member

axial Registered Member

siljaline Registered Member

axial Registered Member

siljaline Registered Member

Dermot7 Registered Member

axial Registered Member

Rmus Exploit Analyst

Dermot7 Registered Member

Useful Searches