The SonicWall Capture Labs threat research team has been observing PDF files with QR codes being abused by malware authors to deceive users for a long time.
QR codes are increasingly popular due to their versatility and ease of use. Beyond payments and feedback, QR codes have a wide range of applications across various industries such as marketing, retail, education, healthcare, hospitality, transportation, real estate, public services, entertainment, business operations, personal use etc. Malware authors are efficiently taking advantage of its popularity. Sonicwall researchers observed that a lot of PDF files are coming from emails (fax) containing QR Codes asking users to scan with smart phone camera.
Read more…
Source: Sonicwall
Related:
- Harrods becomes latest retailer struck by cyberattack attempts
May 1, 2025
Harrods has become the latest retailer to be targeted by cyberattacks, which have struck Marks and Spencer and The Co-op this week. The luxury department store revealed it has had to take action against similar hacking attempts in recent days. In a statement shared with ITV News, Harrods said: “We recently experienced attempts to gain unauthorised ...
- Email Attacks Drive Record Cybercrime Losses in 2024
May 1, 2025
The FBI’s Internet Crime Complaint Center (IC3) has released its 2024 Internet Crime Report. And it has revealed a record-breaking surge in cybercrime losses across the United States. Last year, total losses reached $16.6 billion, which is a 33% increase from the previous year. Email continues to be the most exploited attack vector, with cybercriminals using ...
- Apple notifies new victims of spyware attacks across the world
April 30, 2025
Apple sent notifications this week to several people who the company believes were targeted with government spyware, according to two of the alleged targets. In the past, Apple has sent similar notifications to targets and victims of spyware, and directed them to contact a nonprofit that specializes in investigating such cyberattacks. Other tech companies, like Google ...
- The Co-op fights attempted hack as M&S cyber attack rages on
April 30, 2025
The Co-op has been forced to shut off parts of its IT systems after it was confronted with an attempted hack. The Manchester-headquartered group has confirmed some of its back office and call centre services have been impacted. However, it added that all its stores, including grocery and funeral homes are trading as usual. It comes ...
- Phishing Domains Associated with LabHost PhaaS Platform Users
April 29, 2025
The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate 42,000 phishing domains linked to the LabHost phishing-as-a-service (PhaaS) platform between November 2021 and April 2024. Prior to being disabled by law enforcement in April 2024, LabHost was one of the world’s largest PhaaS providers, offering a range of illicit services for approximately ...
- Gremlin Stealer: New Stealer on Sale in Underground Forum
April 29, 2025
Unit 42 researchers have identified new information-stealing malware written in C#, called Gremlin Stealer. This stealer’s authors have actively advertised it on a Telegram group since mid-March 2025. This information-stealing malware exfiltrates data from its victims and uploads this information to its web server for publication. It can capture data from browsers, the clipboard and the ...