Malicious QR Codes
Ever seen a random QR on a wall? Seen a QR in a bizarre location? Before you pull out your phone to see where the QR takes you stop and think.
***this post is written for educational purposes. The author is attempting to shed light on the risks involved QR codes***
QR is a handy way to share information because there are a variety of things that can be included in one of these codes. Things that can be packaged into a QR code can vary from text messages to URLs to WIFI passwords and a lot more.
The inherent problem with QR codes is that there is an assumed level of trust on the part of the user.
Scenario: You are at a restaurant, it has a paperless menus. Patrons pull out their phones and scan the QR code and are redirected to the website where the menu sits. Simple enough right?
Problem: When you see a QR code do you really know what will happen when you scan it? You can't fully understand what is going to happen, which is why this is a perfect tool for social engineering.
QR codes redirect the user to a desired destination. What if on the way to that desired place we grab some useful information from the unsuspecting user. What if instead of grabbing data (like external IP) we download a file to the user?
For those not familiar with Drive-by-Downloads, essentially what happens is that when you visit a website you unknowingly download something or are redirected to a different site. It's pretty sneaky.
Below is one such example of how people can steal your external IP address. I've tested it out with VPN on my phone and it works.
***this post is written for educational purposes. The author is attempting to shed light on the risks involved QR codes***
1. grabify.link
2. Click "create link"
3. Save your information provided
4. Copy grabify link and navigate to tinyurl.com
5.Paste grabify link into tinyurl and copy new tinyurl generated url
6. Navigate to qr-code-generator.com. Choose specifications and paste tinyurl into html form
7. Download created QR
8. Distribute QR
9. Navigate back to "access link" mentioned in #3 and scroll to bottom of screen to look at results
As you can see this process is very simple. Anyone can do this and paste the QR anywhere.
