Hackers are using QR codes to distribute malware to smartphone owners, says AVG.
According to the security firm’s AVG Community Powered Threat Report – Q4 2011, QR codes are becoming more popular with mobile users when it comes to accessing web pages or information without the need for typing in text or a URL, as the codes can simply be scanned by a handset and then automatically direct the user to the information. However, hackers are beginning to exploit this popularity as the user does not know what lurks behind the QR code until the malware is already installed and running on their device.
“In Q4 we clearly saw the convergence between computers and mobile phones applies to malware too. As phones become more like computers, so do the risks,” said Yuval Ben-Itzhak, Chief Technology Officer, AVG Technologies.
“Many sophisticated tricks of the trade from computers are now being repurposed for phones. However, as phones are often tied into billing systems the gains can be far greater.”
AVG also revealed 2011 saw a surge in the number of Android malware samples detected as well as the number of smartphones running Google’s operating system. Furthermore, stolen digital certificates, which are used to trick a user into believing the application is genuine, are also being used to target mobile device owners along with Rootkits, which AVG said are “evolving to be much more sophisticated”.
The security firm said the Blackhole toolkit is currently the most active threat on the web, accounting for half of all detected instances and over 80 percent of all toolkits found this quarter. The USA remains the largest source of spam, but is now followed by the UK, which jumped from fourth to second place overtaking India and Brazil this quarter.