The Hidden Danger of PDF Files with Embedded QR Codes


The SonicWall Capture Labs threat research team has been observing PDF files with QR codes being abused by malware authors to deceive users for a long time.

QR codes are increasingly popular due to their versatility and ease of use. Beyond payments and feedback, QR codes have a wide range of applications across various industries such as marketing, retail, education, healthcare, hospitality, transportation, real estate, public services, entertainment, business operations, personal use etc. Malware authors are efficiently taking advantage of its popularity. Sonicwall researchers observed that a lot of PDF files are coming from emails (fax) containing QR Codes asking users to scan with smart phone camera.

Read more…
Source: Sonicwall


Sign up for our Newsletter


Related:

  • Microchip Technologies hit by cyberattack

    August 21, 2024

    Microchip said an ‘unauthorised party’ disrupted its systems and has impacted its ability to fulfill manufacturing orders. US chipmaker Microchip Technologies has been hit with a cyberattack, disrupting its systems and impacting its manufacturing capabilities. The company revealed the details in a filing with the Securities and Exchange Commission and said it detected “suspicious activity” on ...

  • Toyota confirms customer and employee data stolen, says breach at third party to blame

    August 21, 2024

    Last week, a cybercriminal using the handle ZeroSevenGroup dumped 240GB of data on the infamous stolen data site BreachForums, that they said came from a hack on the US branch of car manufacturer Toyota. ZeroSevenGroup claims the dump includes customer and employee data. Toyota told BleepingComputer that a breach at a third party had led to the ...

  • Selling Ransomware Breaches: 4 Trends Spotted on the RAMP Forum

    August 20, 2024

    The sale and purchase of unauthorized access to compromised enterprise networks has become a linchpin for cybercriminal operations, particularly in facilitating ransomware attacks. Underground forums are sharing guidelines on breaching networks and selling the access they obtain, leaving the exploitation to other malicious actors. On underground criminal forums, these transactions allow actors with complementary skills to ...

  • BVI Electricity Corporation suffers cyber attack

    August 20, 2024

    The BVI Electricity Corporation (BVIEC) announced on Monday, August 19, that it had fallen victim to a cyberattack. The power company stated that the attack has impacted both their internal and external operations. While the full details of the cyberattack have not been disclosed, BVIEC has assured the public that they are working closely with experts ...

  • Ransomware attacks surge over 60% in UK and US

    August 20, 2024

    Malwarebytes’ 2024 State of Ransomware report published today (20 August) shows a surge in malicious activity on US and UK businesses. The “ThreatDown 2024 State of Ransomware” report reveals an alarming increase in ransomware attacks over the past year. In the US there has been a 63% increase in ransomware attacks on organisations and businesses, with ...

  • Amsterdam municipality bans Telegram on work phones over security concerns

    August 19, 2024

    The municipality of Amsterdam has banned its civil servants from using the messaging app Telegram on their work phones due to concerns over criminal activity and potential espionage, local media reported on Monday. The ban, which was implemented at the end of April but only recently made public, is attributed to fears that Telegram could be ...