QR codes, part of popular marketing strategies created to engage mobile device users, have become a vector for malware that hackers could use to remotely access all of the data in a person’s phone and record their every move through pictures and audio, according to cybersecurity researchers. And there’s no way to know once a device is infected.
In an interview on Tuesday with Security Management, Nicholas Percoco, senior vice president and head of Trustwave SpiderLabs, a group of ethical hackers at a data security firm with expertise in investigations, research, and application security, said that most attacks that happen on mobile platforms occur when a user goes to malicious URL or they’re redirected to a Web site containing malicious code. Hackers are using QR codes as a tool to direct mobile phone users to those Web sites and infect mobile devices with malware. (more)