QR code exploit could use iOS Camera app to misdirect users to malicious sites

Infosec has discovered a potential exploit using the QR code-reading capabilities of the iOS Camera app that would allow one URL to be displayed while directing users to another hidden link. The simple code tweak allows those generating a QR code to set their link to display a safe-looking or familiar URL in the iOS confirmation box that pops up when a QR code is scanned, only to deliver the user to another URL entirely that was placed later in the code. The issue has been reported to Apple but hasn’t been fixed yet.

Share on facebook
Share on twitter
Share on reddit
Share on linkedin
Share on email
Share on whatsapp