The Hidden Danger of PDF Files with Embedded QR Codes

July 5, 2024, 4:21 p.m.

Description

The report describes how malware authors abuse PDF files with embedded QR codes to deceive users into visiting malicious phishing URLs disguised as legitimate services. The QR codes redirect users to fake Microsoft login pages designed to harvest credentials and potentially gain unauthorized access to sensitive data. The report details the techniques used and their potential consequences, and provides indicators of compromise (IOCs) and SonicWall protection signatures.

Date

Published: July 5, 2024, 3:37 p.m.

Created: July 5, 2024, 3:37 p.m.

Modified: July 5, 2024, 4:21 p.m.

Indicators

68d72745079d00909989c92141255ba530490cd361a26ee1f4083acf35168c45

Attack Patterns

T1535

T1599

T1598.003

T1211

T1588

T1557

T1189

T1598

T1083

T1204

T1566

Additional Information

Technology

Finance

Government