Could malware attacks via QR codes threaten your companys network security?.
QR Codes growing in popularity
Quick Response codes are now becoming increasingly prevalent - you see them everywhere from business cards to magazines to buses and posters. For the user they are an excellent way of collecting information very quickly and simply. For marketeer's QR codes are a dream - these 2D barcodes are capable of storing and transmitting data directly to the smart phones of interested customers. When a QR code is scanned with a smartphone, the QR code can do several things, including taking the user to the product's website. However it seems that these innocuous bar codes can be easily manipulated and used by criminals to cause malware infections creating a growing network security issue for companies.
Simulated and actual malware attacks via QR codes
The security blogger and researcher Augusto Pereyra demonstrated this in a recent article. Pereyra created a QR code from a free online service and embedded a URL for an attack server called evilsite.dyndns.org. When the smartphone user (himself in this case) scanned the tag, the browser was directed to the fake site and spread malware. Predictably, cybercriminals are now using this technology to download malicious software to smartphones. Recently Kaspersky Lab anti malware analysts detected several malicious websites containing QR codes for mobile apps some including a Trojan capable of sending text messages to premium numbers.
Are smartphone users aware of the potential threat to corporate data?
While most smart phones ask the user to approve any downloads or installations, smart phone users in general seem to be less on guard and unaware of possible risks such as privacy breaches, fraud and identity theft. Most users simply want to install and start using a newly downloaded application, without thinking about the potential damage.
With mobile devices with us 24/7, people are increasingly using these devices for work. The increase in QR code malware attacks therefore presents serious implications for business security. The ability to keep personal use separate from work can be troublesome, if the need arises therefore an employee with an iPhone or Android will not hesitate to use it to sync with data from company systems. As companies and marketeers take advantage of the power of mobile devices, and it becomes easier to carry out financial tranactions and do business via smart phones, researchers at SpamTitan suspect online attackers will attempt to further use QR codes to gain access to precious company data via these malware attacks.
Can users protect themselves?
At SpamTitan we agree that the rise of malware delivered by QR codes was inevitable – cyber criminals are constantly looking at what’s trending so that they can find ways to earn increased revenues from their ‘work’. Unfortunately, awareness is key. In the short term users need to be cautious when accessing websites, downloading and installing software.
Some general security recommendations around the use of QR Codes:
- Choose a configurable QR-reader software that allows you to confirm QR-code output prior to acceptance.
- If you don’t know the origin of a QR-code DO NOT scan it.
- Continue to create and use QR codes as a way to exchange contact details only
Most organizations have experienced some form of malware infiltration often through a variety of sources, this paper investigates the causes of such problems and looks at the consequences of poor communication security.