Hackers using QR codes to push Android malware

Hackers using QR codes to push Android malware

Summary: Once a user scans the QR code, the code redirects them to a site that will install a Trojan on their Android smart phones.

SHARE:

The growing popularity of Quick Response (QR codes) on smart phones has officially become a new distribution vehicle for malware on Android devices.

According to security researchers at Kaspersky Lab (important disclosure: my employer), hackers are are using QR codes posted on web sites to redirect smart phones to other sites hosting an Android trojan.

Once a user scans the QR code (using special apps), the code redirects them to a site that will install a Trojan on their phones.

Once installed, the Trojan will send a number of SMS messages to premium-rate numbers, which will end up costing the victim some money, depending on how quickly she is able to find and remove the Trojan.

Kaspersky's Denis Maslennikov reports that the malware itself is a Trojanized Jimm application (mobile ICQ client) which sends several SMS messages to premium rate number 2476 (US$6.00 each).

Topics: Malware, Mobility, Security, Smartphones

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

21 comments
Log in or register to join the discussion
  • Block SMS

    If you use Sprint, you can send a message to 9999:
    block 2476
    This will block incoming/outgoing messages to this number.
    rspiewak@...
  • RE: Hackers using QR codes to push Android malware

    www.top4biz.com
    linbbaa
  • RE: Hackers using QR codes to push Android malware

    http://www.top4biz.com
    linbbaa
  • RE: Hackers using QR codes to push Android malware

    I'm glad I use a windows phone. no malware. I don't have to be worried about scanning QR codes or Microsoft tags online.
    blazing_smiley_face
  • the perpetrators

    should be prosecuted to the fullest extent of the law for messing with foss software.
    The Linux Geek
    • RE: Hackers using QR codes to push Android malware

      @The Linux Geek So if this sort of thing happened on an iOS device or WP7 based device it would be okay? Go take your meds and bring me the fries I ordered!
      athynz
  • What is the OS behind Android?

    Linux?

    Linux sure is a poor OS when it comes to security.

    Check out kernel.org. The site was easily taken down by hackers and weeks later, still isn't back up.

    Android is the only modern mobile OS to be plagued by malware. iOS isn't. WP7 isn't. BlackBerry isn't. Only the Linux powered Android is so bad that users have to be terrified of even taking a picture of a QR code.

    I know that this has made me never want to run Linux.
    toddybottom
    • RE: Hackers using QR codes to push Android malware

      @toddybottom iOS isn't because they are draconian in what can be allowed into their ecosystem, WP7 isn't because it hasn't been available long enough for hackers to take advantage of it, but rest assured it's time is coming. BlackBerry is if you load software from Web sites other than the BlackBerry App World.

      Android has no relation to the security of Linux. The Linux kernel is used in Android, but the system has been opened up for phone use. It's not true Linux. The hack on kernel.org has more to do with human error than any security issue of Linux (if you have the security but don't set it right, you're in trouble).

      Bottom line, no system is proof against determined hackers. Always use good Internet practices and an antivirus program. Personally, I use AVG on my Android phone.
      NCWeber
      • RE: Hackers using QR codes to push Android malware

        @NCWeber - I find this stand funny only because the Linux faithful tout the "secure Linux kernel" in Android phones as proof of it's superiority.<br><br>While there's truth in what you post, (especially that last paragraph), the Linux faithful are pretty rabid about how secure it is for the most part. It's rare to find a Linux person on these boards who will admit that *any* operating system is only as secure as it's user makes it.<br><br>Just sayin'....
        PollyProteus
      • To summarize your post

        @NCWeber
        1. iOS is secure because the ecosystem is secure. Sounds good to me (I own an iPhone and an iPad partially because of this advantage).

        2. WP7 isn't secure but it never gets hacked because it has security through obscurity. Interesting because the Linux fanboys do not accept this as an argument for why Desktop Linux is so rarely targeted by trojans.

        3. Android is not Linux when it comes to security reputation. However, Android is Linux when it comes to measuring the popularity of Linux.

        4. When the owners of the Linux kernel can't secure their Linux servers, that is just human error. When some poor amateur IIS website operator can't secure their servers, that is proof of how Windows has no security.
        toddybottom
    • RE: Hackers using QR codes to push Android malware

      @toddybottom Don't forget the take down of The Linux Foundation as well... which SJVN and most of his died in the wool Linux sheep are attempting to blame on a "malware ridden PC"... And aren't the servers running the Sony network Linux based?

      I have to give NCWeber props for [b]Bottom line, no system is proof against determined hackers. Always use good Internet practices and an antivirus program[/b] - there a few Mac fanbois and even fewer Linux fanbois that would even think those words - perhaps it's deemed to be blasphemy? - much less put them in a post. He seems to be one of the few Linux fans who is not a SJVN sheep.
      athynz
  • RE: Hackers using QR codes to push Android malware

    It was only a matter of time. I've been leery of the QR codes for a long time as I don't want something I can't read sending me to places I might regret going to. Hence I never use them.
    Tholian_53
    • RE: Hackers using QR codes to push Android malware

      @Tholian_53

      I feel the same way about the minimized links, because you have no way of knowing where they are actually going.
      Shmythey
  • Lookout Protect

    Does Lookout Mobile Security protect against this?
    KKPooh
  • RE: Hackers using QR codes to push Android malware

    Okay, hands up. How many of you scanned the QR code in the article?
    NCWeber
    • RE: Hackers using QR codes to push Android malware

      @NCWeber

      I did just to check it out, and to use Bing Vision some more.
      Shmythey
      • I like how Bing Vision works

        @Shmythey
        lets you know what it is, and lets you decide to go there or not.
        William Farrell
  • RE: Hackers using QR codes to push Android malware

    Ok, so just what kind of sites do you think send people to malware sites and send SMS messages? The kind of sites that that have always been problems! If you visit those kind of sites you get what you deserve! Come on ZDnet tell the whole story!
    jllink
  • Android is malware.

    The subject line says it all. WP7 FTW.
    I like coffee.
    • RE: Hackers using QR codes to push Android malware

      @I like coffee. <br><br>Enjoy miniscular market share advantages. <img border="0" src="http://www.cnet.com/i/mb/emoticons/happy.gif" alt="happy"> Remember this argument from Windows fans? <img border="0" src="http://www.cnet.com/i/mb/emoticons/wink.gif" alt="wink"><br><br>Hackers are not targeting WP7 since it has negligible market share. Wait for it to grow. <img border="0" src="http://www.cnet.com/i/mb/emoticons/happy.gif" alt="happy"><br><br>Meanwhile, I do not allow 3rd party apps on my EVO and Galaxy and I run no antiviruses on them. But on the other hand I also do not keep any sensitive information on them since I am in computing starting 1980 and have some clues about security risks.
      Solid Water