
Malicious QR Codes Posted Where There's Lots of Foot Traffic

Posted by Soulskill
from the neither-idiotproof-nor-jerkproof dept.
Orome1 writes "QR codes are very handy for directing users to specific sites by simply scanning them with their smartphones. But the ease with which this technology works has also made it a favorite of malware peddlers and online crooks, who have taken to including QR codes that lead to malicious sites in spam emails. They have also begun using the same tactic in the physical world, by printing out the malicious QR codes on stickers and affixing them on prominent places in locations where there is a lot of foot traffic. According to Symantec Hosted Services director Warren Sealey, these locations include airports and city centers, where the crooks stick them over genuine QR codes included in advertisements and notices, and most likely anywhere a person might look and be tempted to scan them."
  • by doug141 (863552) on Tuesday December 11, 2012 @07:46PM (#42255405)
    It'll check out the site before connecting you, and is one of the few free code readers that doesn't require location permissions.
  • by idontgno (624372) on Tuesday December 11, 2012 @07:48PM (#42255413) Journal

    I can only speak for my specific case (Android, using Barcode Scanner app): the app displays the captured image, metadata about the capture, and a decode of the string (recognizing, for instance, that it's a URI QR). BUT does not just hie off to whatever website is indicated. The displayed URI string is clickable, and clicking it does open the URI in the default browser app, but it does take that much human intervention to navigate there.

    A few notable specifics to compare with other situations:

    (A) No OS-native QR code capability. It required an app from the Google App Store (free, but not Free). One of several, it appears.

    (B) There is a configurable option "Retrieve more info" which, when enabled, looks up information about URI/URL QR codes as part of the decode. For instance, after ingesting the sample QR code [wikipedia.org] from the Wikipedia "QR Code" article, the app correctly decodes the URI as "http://en.m.wikipedia.org", but with the "Retrieve more info" option enabled, it adds the descriptor "Wikipedia, the free encyclopedia"... which is the <Title> property at the top of that page, so I guess the app is retrieving the target URL internally and decoding the <Title> at least. Maybe that would be a buffer overflow vector for a well-crafted exploit, so I turn that option off.
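
An added example, not part of the comment above and not taken from the Barcode Scanner source: a Python illustration of the behaviour it describes, where the decoded string is classified and prepared for display without being fetched or opened. The function name, the warning texts and the sample payloads other than the Wikipedia URI are assumptions constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Schemes that would be handed to the browser; everything else is plain text.
WEB_SCHEMES = {"http", "https"}


def review_qr_payload(decoded: str) -> dict:
    """Classify a decoded QR string for display. Performs no network access."""
    text = decoded.strip()
    result = {"kind": "text", "display": text, "host": None, "warnings": []}
    try:
        parts = urlsplit(text)
        host = parts.hostname
    except ValueError:
        # e.g. unbalanced IPv6 brackets; show it as text, never as a link
        result["warnings"].append("malformed URI")
        return result
    scheme = parts.scheme.lower()
    if scheme not in WEB_SCHEMES or not host:
        return result
    result["kind"] = "url"
    result["host"] = host  # show the real host separately from the full string
    if scheme == "http":
        result["warnings"].append("not HTTPS")
    if parts.username or parts.password:
        result["warnings"].append("text before '@' is not the host")
    try:
        ipaddress.ip_address(host)
        result["warnings"].append("raw IP address instead of a host name")
    except ValueError:
        pass  # an ordinary host name
    return result


if __name__ == "__main__":
    # Constructed sample payloads; the first is the URI quoted in the comment.
    for payload in ("http://en.m.wikipedia.org",
                    "https://example.com@198.51.100.7/login",
                    "WIFI:S:cafe;;"):
        print(review_qr_payload(payload))
```

The result is only what a scanner would show; opening the link stays a separate, explicit user action, and no title lookup is made.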

  • by Eythian (552130) <<robin> <at> <kallisti.net.nz>> on Tuesday December 11, 2012 @08:32PM (#42255783) Homepage

    The source code for the Barcode Scanner app can be found here: http://code.google.com/p/zxing/source/browse/trunk [google.com]

    It is free as in Free, Apache 2.0 license.
