Cybercriminals are using QR codes to steal WhatsApp accounts, says cybersecurity company ESET. The accounts are stolen through an attack called QRLjacking, in which social-engineering techniques are used against apps that accept a QR code as a method of registration. WhatsApp, in its web version, is one of them.
The hack works as follows: “When you open the desktop application access page, the QR code is generated. Using the phone, you can use the app from your computer. Cybercriminals take advantage of this function to convince victims to scan the QR code. Then, a fake page created by the criminals is shown, which attempts to hijack the victims’ WhatsApp session,” says ESET.
With the user session stored on the cybercriminal’s computer, the WhatsApp account is fully exposed.
Criminals have been exploiting QR codes for a long time: once a code is decoded, it can contain a redirect URL that leads the user to a fake domain. WhatsApp’s QR code, says ESET, does not provide additional validation, so criminals have developed tools that capture and store the WhatsApp-generated image and create a new code of the same type to show to the victim.
Daniel Barbosa, information security expert at ESET Latin America, comments on the case: “While we are looking at the threat that occurs in this case, it is important to note that all applications that use QR codes may suffer similar attacks. You can increase the level of control so that the QR code can be used more safely. There is also a need for manufacturers to raise awareness, so that user data is increasingly protected and that applications have more security features overall.”
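The following Python sketch is an added illustration of the “additional validation” the article says is missing and of the “close all sessions” step recommended further down; it is not WhatsApp’s protocol and not ESET’s tooling, and every name, the 60-second time-out and the requester-context strings are assumptions made for the example. It contrasts a weak QR login, where scanning alone logs the account in on whatever browser displayed the code, with a hardened one: the code is short-lived and single-use, scanning only returns the server-recorded context of the browser that requested the code so the phone can show it to the user, a session is granted only after the scanning account explicitly approves, and all of an account’s sessions can be revoked at once.

```python
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict, Optional

# Constructed simulation of a QR-code login flow. This is NOT WhatsApp's
# protocol or ESET's tooling; the names, the time-out and the requester
# context strings are assumptions made for the example.

TOKEN_TTL_SECONDS = 60  # assumption: a displayed QR code stays valid only briefly


@dataclass
class LoginRequest:
    token: str
    requester: str                     # server-recorded context of the browser that asked for the code
    created_at: float
    scanned_by: Optional[str] = None   # account that scanned the code
    approved: bool = False
    session_id: Optional[str] = None
    consumed: bool = False             # single use: set once the code is decided, delivered or expired


class QrLoginServer:
    """Server side of a QR login: issues codes, records scans, grants and revokes sessions."""

    def __init__(self, clock: Callable[[], float] = time.time):
        self.clock = clock
        self.requests: Dict[str, LoginRequest] = {}
        self.sessions: Dict[str, str] = {}   # session id -> account name

    def issue_token(self, requester_context: str) -> str:
        """A browser asks for a code; the server remembers who asked for it."""
        token = secrets.token_urlsafe(24)
        self.requests[token] = LoginRequest(token, requester_context, self.clock())
        return token

    def _live(self, token: str) -> Optional[LoginRequest]:
        """Return the request only if the code is unknown to nobody, unused and unexpired."""
        req = self.requests.get(token)
        if req is None or req.consumed:
            return None
        if self.clock() - req.created_at > TOKEN_TTL_SECONDS:
            req.consumed = True   # an expired code is dead for good
            return None
        return req

    def scan_weak(self, token: str, account: str) -> Optional[str]:
        """Weak flow: the scan alone logs the account in on whatever browser holds the code."""
        req = self._live(token)
        if req is None:
            return None
        req.consumed = True
        sid = secrets.token_hex(16)
        self.sessions[sid] = account
        return sid

    def scan(self, token: str, account: str) -> Optional[str]:
        """Hardened flow, step 1: scanning only returns the requester context the
        phone must show the user; nothing is granted yet."""
        req = self._live(token)
        if req is None:
            return None
        req.scanned_by = account
        return req.requester

    def confirm(self, token: str, account: str, approve: bool) -> bool:
        """Hardened flow, step 2: the scanning account approves or rejects on the phone
        after seeing where the request came from. A rejection consumes the code."""
        req = self._live(token)
        if req is None or req.scanned_by != account:
            return False
        if approve:
            req.approved = True
            req.session_id = secrets.token_hex(16)
            self.sessions[req.session_id] = account
        else:
            req.consumed = True
        return approve

    def poll(self, token: str) -> Optional[str]:
        """Hardened flow, step 3: the browser holding the code collects the session
        exactly once, and only after the user approved."""
        req = self._live(token)
        if req is None or not req.approved:
            return None
        req.consumed = True
        return req.session_id

    def revoke_all(self, account: str) -> int:
        """'Close all sessions': drop every session of the account at once."""
        dead = [sid for sid, acct in self.sessions.items() if acct == account]
        for sid in dead:
            del self.sessions[sid]
        return len(dead)


class FakeClock:
    """Adjustable clock so expiry can be exercised without sleeping."""

    def __init__(self, start: float = 1_000_000.0):
        self.now = start

    def __call__(self) -> float:
        return self.now


if __name__ == "__main__":
    clock = FakeClock()
    server = QrLoginServer(clock)
    tok = server.issue_token("Chrome on Windows, 198.51.100.7")  # constructed context
    print("phone shows:", server.scan(tok, "alice"))
    server.confirm(tok, "alice", approve=True)
    print("browser gets session:", server.poll(tok))
    print("sessions revoked:", server.revoke_all("alice"))
```

The design point is that the phone, not the page the user is looking at, is what tells the user where the login request really comes from: a relayed code cannot change the context the server recorded for the browser that requested it, so a request that does not match what the user expects can be rejected before any session exists.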
How to protect yourself:
- Get to know the applications you use: In the case of WhatsApp, the QR code is used to allow the application to be used on a computer. Be suspicious if any ad asks you to scan a QR code in exchange for some benefit, or as part of a process beyond that validation.
- Use public or untrusted networks as little as possible: This and other types of attacks occur when the cybercriminals are on the same network as their victims. If you use public networks, avoid accessing information that is not strictly necessary to you at that moment.
- Always be aware: Keeping your attention, even on networks that you consider safe, is a best practice that helps you avoid different types of security incidents.
- Notice whether the app has responded to your action: If you scan a code and do not receive any action in response, you have probably been attacked. When in doubt, on the WhatsApp main screen, select the “WhatsApp Web” option and close all sessions that have been started. This will make the criminals lose access to the account immediately.
- Keep all security programs turned on: Configure them to block threats on both your smartphone and your computer.
- Constantly update all programs and applications used: Updates bring new features and fix any security issues that programs may have.