A long time ago, more than 2 years ago actually, I blogged about the dangers of QR codes:
“virus gangs could use this technology to have the end-user follow malicious links or send messages to premium numbers”
I told you so, and I couldn’t resist telling you 😉
QR codes are very handy, but they’re an incredible vector for attacks. Mainly, the issue is that they are opaque (the human eye cannot read what they contain), which leads to plenty of possibilities around phishing and social engineering.
But there are a few other dark points we should keep an eye on, such as QR code reader exploits and input validation. Could a specially crafted QR code crash the reader, lead to privilege escalation or feed insecure input to another application on the phone (browser, SMS…)? Keep in mind that QR codes are not limited to URLs; they can also contain up to 2953 bytes of binary data. It is even possible to encrypt part of the contents of a QR code (see here).
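One way a reader app could validate a decoded payload before handing it to the browser or SMS app, added here as an example and not part of the original post. The function name, verdict labels and scheme allow-lists are assumptions; only the 2953-byte limit comes from the text.

```python
from urllib.parse import urlsplit

MAX_QR_BYTES = 2953               # binary capacity figure quoted in the post
WEB = {"http", "https"}
PHONE = {"sms", "smsto", "tel"}   # can trigger a billable message or call


def triage_qr_payload(data: bytes) -> tuple[str, str]:
    """Return (verdict, detail) for a decoded payload (hypothetical policy).

    reject  - bigger than a QR code can hold, so the decoder output is suspect
    opaque  - binary or non-printable data, never passed to another app
    block   - malformed URI or scheme outside the allow-list
    confirm - show `detail` to the user and ask before opening or sending
    display - plain text, only rendered on screen
    """
    if len(data) > MAX_QR_BYTES:
        return "reject", f"{len(data)} bytes exceeds {MAX_QR_BYTES}"
    try:
        text = data.decode("utf-8")
    except UnicodeDecodeError:
        return "opaque", f"{len(data)} bytes of binary data"
    if not text.isprintable():
        return "opaque", "text contains control characters"
    try:
        parts = urlsplit(text.strip())
        host = parts.hostname
    except ValueError:
        return "block", "malformed URI"
    if parts.scheme in WEB:
        if not host:
            return "block", "web link without a host"
        if parts.username is not None:
            # user@host form: the part before '@' can imitate a trusted name
            return "block", f"userinfo placed before real host {host}"
        return "confirm", f"open {parts.scheme}://{host}"
    if parts.scheme in PHONE:
        return "confirm", f"{parts.scheme} to {parts.path.split(':')[0]}"
    if parts.scheme:
        return "block", f"scheme '{parts.scheme}' is not allowed"
    return "display", text


if __name__ == "__main__":
    # Constructed sample payloads, not taken from any real QR code.
    for raw in (b"https://example.com/menu", b"SMSTO:+15550100:WIN",
                b"https://bank.example@evil.test/login", b"\xff\xfe\x00\x01"):
        print(raw, "->", triage_qr_payload(raw))
```

The `confirm` verdict addresses the opacity problem: the user sees the real host or phone number before anything is opened or sent.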
If you feel like reading a research paper on this topic, have a look at this one: QR Code Security.
– the Crypto Girl