cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Community Champion

Are QR codes threats?

Hi All

 

Here is an interesting topic, everyone uses QR codes - can they be malicious?

 

https://threatpost.com/qr-codes-menu-security-concerns/159275/

 

Regards

 

Caute-cautim

4 Replies
Highlighted
Community Champion

Re: Arrrre QR codes threats?

Aye, matey, there be QR codes that can tear the VPN out of your firewall like a shark going after a bucket o' guts!

 

I've taken to posting my details in a QR code on the first slide of my presentations, as:

 

Rob Slade qrcode.png

 

Oddly, when people find out I am a malware researcher, nobody actually scans the code ...


............
This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Highlighted
Community Champion

Re: Arrrre QR codes threats?

@rsladethey could be a little cautious - especially I wonder that COVID-19 code will take me when I register at a shop?  Does your QR code take people's devices to /dev/null or to the Dark Web to an obscure place?

 

How can we verify a QR safely without compromise?

 

Are there tools available in portable mode, so one does not compromise oneself?

 

Regards

 

Caute_Cautim

Highlighted
Community Champion

Re: Are QR codes threats?

The biggest issue I have seen with QR codes and for that matter link shorteners like bit.ly is that today they could go to a legitimate site and tomorrow they could point you to malware.

 

Be very careful....

 

Paul

Highlighted
Contributor II

Re: Are QR codes threats?

I read recently that you can add a + sign to the end of a bit.ly link, and it will preview the link safely.

 

https://bit.ly/1sNZMwL+, for example (and it should point to the Bitly Wikipedia article)

 

Can't say the same for QR codes, however...

---
Eric Geater, CISSP
I've always said, "There's nothing an agnostic can't do if he really doesn't know whether he believes in anything or not."