QR codes, an abbreviation of Quick Response Codes, are two dimensional barcodes that can hold a wealth of information. They were originally designed for industrial uses like inventory tracking, but now they are commonly found in consumer advertising and payment provider applications. As the popularity of QR codes has grown, more hackers have started to develop exploits that target them.
A recent hack demonstrating how a malicious URL could be inserted into a QR code has reminded us of the need to be vigilant when working with these codes. If a user with an Android phone scanned the QR code their device could be taken over by an existing exploit. Google already patched the bug in Android 4.2, but over 70% of devices are still running an older version of Android and are vulnerable to attack.
In order to protect yourself, you should never scan a random QR code that you find in public. QR codes that are located in trusted magazines or businesses should be ok, but use caution if you don’t know who generated the code. Another way to defend your mobile device is by using NQ Mobile Security. It includes a QR Scanner to quickly detect and remove malicious links hidden in QR codes, eliminating opportunities for potential fraud.