Malicious QR Codes: Attack Methods & Techniques Infographic

31 Oct 2011

QR-code-diagram final_preview-900x730

At the end of September our research team detected the first attempts of cybercriminals using QR codes in malicious attacks. With the popularity in QR codes increasing, cybercriminals have begun to create malicious codes to simplify the downloads of malicious software. Kaspersky Lab  detected several malicious websites containing QR codes for mobile apps on the Android platform (e.g. Jimm and Opera Mini) which included a Trojan capable of sending text messages to premium-rate short numbers. By early October, our researchers had detected QR codes linked to malware for both Android and J2ME.

We expect malicious QR codes to grow in number, especially as QR codes become more mainstream. Currently the safest way to protect yourself is to be cautious of scanning QR codes and avoid anything that looks suspicious. Our infographic provides a visual aid to demonstrate the different ways that cybercriminals will try to use QR codes for malicious use.