One of the first malicious QR codes has been found by Kaspersky, the acclaimed Internet security company. Until now, the prospect of malicious codes has been nothing more than a tentative concern, though many security companies has been warning of the time when QR codes would become devious anti-security tools. Security professionals had warned that malicious codes could be very effective due to the willingness of consumers to scan any codes they find. Kaspersky reported the finding on its SecureList blog.
It was only a matter of time before someone exploited the popularity of QR codes to prey upon mobile consumers. The code in question was linked to a dummy website that would redirect smart phone users to another website that would initiate a download of a malicious program. The program was a version of the once popular ICQ instant messaging client. The virus would then begin sending a plethora of messages to random numbers with each message costing $6.
The QR code has, thus far, only appeared online, but Kaspersky believes a number of similar codes exist in print form somewhere in the world. Printed codes would be much more difficult to detect as they are, essentially, disposable. Kaspersky notes that consumers should not scan codes that are not attached to any major company as they may be malicious in nature.
Using QR codes as a form of cybercrime has been dubbed “Attaging” by the security community.