Cybersecurity company INKY Technology Corp. warns of a new phishing threat using QR codes with embedded JavaScript.
Attackers are now using QR codes with raw HTML and JavaScript to execute payloads instantly upon scanning.
This method bypasses the need for link clicks and can hijack login pages, capture keystrokes, and launch exploits within the browser.
Malicious JavaScript in the QR codes can create fake login portals, exfiltrate data, and fingerprint devices for exploitation.
The technique involves embedding base64-encoded HTML in QR codes, which, when scanned, automatically opens and executes in the system browser.
These QR codes evade traditional security measures as the payload is self-contained and does not rely on external URLs.
Using advanced compression and encoding, attackers can hide malware in QR codes to avoid detection.
INKY recommends that organizations educate users not to scan unsolicited QR codes, disable automatic browser opening, and have users report suspicious emails to security teams.
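
For defenders, the self-contained payload described above can be checked once a mail gateway or scanner has decoded the QR image to text. The following is an added example, not code from INKY: it assumes the embedded HTML arrives as a `data:` URI (the page says only "base64-encoded HTML"), and the function name, verdict labels and sample strings are constructed for illustration.

```python
import base64
import binascii
import re
from urllib.parse import unquote

# Assumption: the QR image was already decoded to text by a scanner or gateway.
HTML_MIMES = {"text/html", "application/xhtml+xml", "image/svg+xml"}
ACTIVE_MARKUP = re.compile(rb"<\s*script\b|\bon\w+\s*=|javascript:", re.I)
CREDENTIAL_FORM = re.compile(rb"<\s*input[^>]*type\s*=\s*[\"']?password", re.I)

def classify_qr_payload(text):
    """Return (verdict, reasons) for the text decoded from a QR code."""
    text = text.strip()
    if not text.lower().startswith("data:"):
        # Ordinary URL or plain text: leave it to the usual URL reputation checks.
        return "not-self-contained", []
    header, sep, body = text[5:].partition(",")
    if not sep:
        return "malformed", ["data: URI without a comma separator"]
    params = [p.strip().lower() for p in header.split(";")]
    mime = params[0] or "text/plain"
    if mime not in HTML_MIMES:
        return "self-contained-other", [f"media type {mime}"]
    reasons = [f"self-contained {mime} document, no external URL to check"]
    if "base64" in params[1:]:
        try:
            raw = base64.b64decode(unquote(body), validate=True)
        except (binascii.Error, ValueError):
            return "suspicious", reasons + ["base64 body does not decode"]
    else:
        raw = unquote(body).encode("utf-8", "replace")
    # Look inside the decoded document for the behaviours the advisory lists.
    if ACTIVE_MARKUP.search(raw):
        reasons.append("contains script or inline event handlers")
    if CREDENTIAL_FORM.search(raw):
        reasons.append("contains a password input field")
    return ("block" if len(reasons) > 1 else "suspicious"), reasons

# Constructed samples (not taken from any real campaign).
_html = (b"<html><body><form><input type='password' name='p'></form>"
         b"<script>/* placeholder */</script></body></html>")
SAMPLE_HTML_QR = "data:text/html;base64," + base64.b64encode(_html).decode()
SAMPLE_URL_QR = "https://example.com/menu"

if __name__ == "__main__":
    for sample in (SAMPLE_HTML_QR, SAMPLE_URL_QR):
        print(classify_qr_payload(sample))
```

A payload that is compressed or encoded in some other way, as the advisory also mentions, will not match these patterns, so a "suspicious" verdict on any self-contained HTML document is worth treating as reportable on its own.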