Fractional and nested: phishing gangs are trying to trap you with a new type of False Code QR

QR codes have been used for phishing purposes (phishing). Moreover, but cybercriminals have recently started to use two new techniques to be used to bypass the detection of malware codes. Therefore, These techniques are as clever as it is dangerous, as researchers from the Barracuda cybersecurity firm have discovered. Meanwhile,

It is also called ‘Quishing’: this form of phishing consists in encapsulating a malicious link in a QR code. Therefore, Anyone scanning this code without distrust with their smartphone leads to a false website designed to steal connection identifiers. other sensitive information. Nothing new so far. If it is only Barracuda researchers have recently discovered new fractionation. interweaving techniques in attacks via phishing kits as a service (phaas) Tycoon and Gabagool, widely used.

Fractional QR codes – Fractional nested: phishing gangs trying

Gabagool attackers have recently used QR codes split into Microsoft dummy emails, inviting fractional nested: phishing gangs trying users to reset their password. This technique consists in splitting the malicious QR code into two distinct images. placed side by side in a phishing email, making it appear as one and the same QR code.

When traditional messaging safety solutions analyze this message. they see two distinct, apparently trivial images, instead of a complete QR code. However, if the recipient analyzes the image, it is oriented towards a malicious website designed to steal its Microsoft identifiers.

Nested QR codes

The Tycoon Phaas kit recently started using the so -called nesting method (‘nesting’) to place a. malicious QR code around a legitimate QR image. During an intercepted attack. the external code referred to a malicious URL, while the internal QR code led to a Google website. According to Barracuda, this technique also aims to complicate threat detection by security solutions.

‘The malicious QR codes are popular among attackers because they seem legitimate. can bypass traditional security measures such as e-mail filters and links of links’, explains Saravan Mohankumar, manager Threat Analysis at Barracuda. ‘As recipients must often use a mobile device to scan the code. they may no longer be protected by the safety measures of their business.’

‘IA multimodale’

The cybersecurity firm therefore advises organizations to secure their messaging traffic thanks to multimodal AI capabilities. in addition to all basic security principles. ‘The multimodal AI improves detection by identifying. decoding and inspecting QR codes, without having to extract the integrated content,’ one is still explained by Barracuda.