From InfoWorld: A newly-discovered malicious package with layers of obfuscation is disguised as a utility library, with malware essentially hiding in plain sight in embedded QR codes.
QR codes are ubiquitous these days, as they are an easy way to deliver marketing content or direct users to websites and apps.
They have also become a hiding place for malicious code.
A threat research team at cybersecurity company Socket has discovered what it called “a sophisticated backdoor mechanism” that, when incorporated into an enterprise’s app or website, steals passwords stored in visitors’ cookies via code embedded in QR codes.
View: Full Article
