Hackers using QR codes to push Android malware

Summary:Once a user scans the QR code, the code redirects them to a site that will install a Trojan on their Android smart phones.

The growing popularity of Quick Response (QR codes) on smart phones has officially become a new distribution vehicle for malware on Android devices.

According to security researchers at Kaspersky Lab (important disclosure: my employer), hackers are are using QR codes posted on web sites to redirect smart phones to other sites hosting an Android trojan.

Once a user scans the QR code (using special apps), the code redirects them to a site that will install a Trojan on their phones.

Once installed, the Trojan will send a number of SMS messages to premium-rate numbers, which will end up costing the victim some money, depending on how quickly she is able to find and remove the Trojan.

Kaspersky's Denis Maslennikov reports that the malware itself is a Trojanized Jimm application (mobile ICQ client) which sends several SMS messages to premium rate number 2476 (US$6.00 each).

Topics: Security, Mobility, Smartphones


Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content managem... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.