QR Codes Being Hijacked to Deliver Malware and Costly SMS Fees

They say you have to take the good with the bad. And what’s true of life must also be true of mobile.

Unfortunately, QR codes have been targeted as a new way of delivering malware to smartphones.

According to Laptop Magazine, security firm Kaspersky Lab discovered QR tags “embedded with code that directs the Android smartphones that interact with them to malicious websites hosting an Android Trojan.”

The high-profile incident of QR code tampering was uncovered late last month in Russia. Numerous people downloaded an Android app called Jimmm, which actually delivered malware capable of sending SMS codes to a premium rate number.

“Usage of QR codes for malware spreading was predictable. And as long as this technology is popular cybercriminals will use it,” said one Kaspersky Lab source.

With malware-infested QR codes being new to the mobile security community, greater efforts must now be taken by software vendors and mobile users alike to curb the impact of this nefarious practice.

For the time being, however, consumers are being told that they shouldn’t be too concerned with QR code contamination.

“There’s a interim step between scanning the code and launching an app in which consumers can determine if they’ve been scammed. If it’s a game and it’s requesting SMS, then you know something’s wrong,” Tim Armstrong, a malware researcher at Kaspersky Lab, tells Mashable.