New feature: protection against QR code phishing
This change was released to all our customers in November 2023 and provides anti-phishing protection by empowering them to identify and stop phishing attacks that use QR codes in emails, so-called quishing. Looking at some statistics from our SaaS customers over the last 30 days, we can already highlight the following:
- 0.4% of attacks so far use QR code phishing.
- 5.4% of QR codes are potentially malicious (around one in 18).
"In the second half of 2023, we observed a sharp rise in the number of phishing attacks using QR codes. These would not be detected by traditional methods of URL detection. We reacted quickly to this growing threat by introducing QR code analysis into the xorlab Security Platform." - Andrew Graham, Software Engineer at xorlab AG
Killing two birds with one stone
While evaluating the third-party component for extracting QR codes, we learned about two vulnerabilities in the open-source project ZBar barcode reader, which had been reported but not yet fixed. To ensure a secure component in our product feature, we decided to work on two patches to fix the vulnerabilities and contribute to an even more secure solution. The patches have now been integrated into the main project. The project can be found on GitHub, and the two vulnerabilities are reported to NIST here and here.