The Hidden Danger of PDF Files with Embedded QR Codes


The SonicWall Capture Labs threat research team has been observing PDF files with QR codes being abused by malware authors to deceive users for a long time.

QR codes are increasingly popular due to their versatility and ease of use. Beyond payments and feedback, QR codes have a wide range of applications across various industries such as marketing, retail, education, healthcare, hospitality, transportation, real estate, public services, entertainment, business operations, personal use etc. Malware authors are efficiently taking advantage of its popularity. Sonicwall researchers observed that a lot of PDF files are coming from emails (fax) containing QR Codes asking users to scan with smart phone camera.

Read more…
Source: Sonicwall


Sign up for our Newsletter


Related:

  • Hacked GPS tracker reveals location data of customers

    August 19, 2024

    Stalkerware researcher maia arson crimew strikes again. Big time. We know maia as a researcher that loves to go after stalkerware peddlers, which Malwarebytes—as one of the founding members of the Coalition Against Stalkerware—loves to see. The investigation into Tracki, besides uncovering a tangled web of companies, dubious websites, and false identities, also led to a ...

  • Wichita airport still without Wi-Fi months after cyber attack

    August 19, 2024

    It’s been more than three months since a cyber attack on Wichita took the city’s computer systems offline, and one city service is still not completely back to normal. Dwight D. Eisenhower National Airport was impacted by May’s attack. The airport’s Wi-Fi services went down, as well as its departure and arrival screens. While the screens ...

  • UK to conduct review on tackling ‘extremist ideologies’, including misogyny

    August 18, 2024

    UK Home Secretary Yvette Cooper has ordered a review of the United Kingdom’s counterterrorism strategy on how to best tackle threats by “extremist ideologies” including misogyny. Other ideological trends to be investigated by the Home Office include “Islamism” and far-right “extremism”. Cooper said the strategy will “map and monitor extremist trends” and gauge how to direct ...

  • How the ransomware attack at Change Healthcare went down: A timeline

    August 17, 2024

    A ransomware attack earlier this year on UnitedHealth-owned health tech company Change Healthcare likely stands as one of the largest data breaches of U.S. health and medical data in history. Months after the February data breach, a “substantial proportion of people living in America” are receiving notice by mail that their personal and health information was ...

  • Unmasking Styx Stealer: How a Hacker’s Slip Led to an Intelligence Treasure Trove

    August 16, 2024

    In the shadowy world of cybercrime, even the most cunning hackers can make blunders that expose their operations. In this article CPR describes the discovery of Styx Stealer, a new malware variant derived from the notorious Phemedrone Stealer. Check Point investigation revealed critical missteps by the developer of Styx Stealer, including a significant operational security (OpSec) ...

  • ‘Keyboard warrior’ jailed for part in UK disorder

    August 16, 2024

    A man who posted material on social media to stir up racial hatred during recent unrest across the UK has been jailed for three years. Wayne O’Rourke, who had more than 90,000 followers to his X account, posted misinformation about the killing of three young girls in Southport on 29 July and praised the burning of ...