Categories: Cyber Security News

QR Code Traps – How Hackers Turn Everyday Scans into Data Theft

Cybercriminals are deploying increasingly sophisticated QR code phishing attacks, known as “quishing,” using advanced evasion techniques that bypass traditional security measures and exploit the ubiquity of mobile scanning.

Security researchers have identified two novel attack methods, split QR codes and nested QR-in-QR techniques, that demonstrate how attackers continue to evolve their tactics to circumvent detection systems.

Split QR Codes Evade Security Scanners

The Gabagool phishing-as-a-service (PhaaS) platform has introduced a technique that divides malicious QR codes into two separate images embedded within phishing emails.


When traditional email security solutions scan these messages, they identify two distinct and seemingly benign images rather than recognizing the complete QR code threat. This fragmentation approach allows the malicious payload to remain hidden from conventional detection mechanisms.

Barracuda threat analysts recently discovered Gabagool attackers implementing this split QR code technique in a Microsoft password reset scam.

The attackers utilized highly tailored messages, suggesting they had previously executed successful conversation hijacking attacks against their targets.

While the QR code appears complete to recipients, analysis of the HTML reveals it comprises two different images that combine to form a functional code directing victims to credential-harvesting phishing pages.
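A defender-side pre-filter for the split-image layout described above, as an added example that is not code from the article or from Barracuda. It assumes the halves appear as adjacent `<img>` tags with no visible text between them. The class and function names are hypothetical and the sample HTML is constructed.

```python
from html.parser import HTMLParser

# Constructed sample: a QR code delivered as two halves, plus an unrelated logo.
SAMPLE = """<html><body>
<p>Your password expires today. Scan to reset:</p>
<div><img src="cid:part1" width="100" height="200"><img src="cid:part2" width="100" height="200"></div>
<p>Thanks,<br>IT Support</p>
<img src="cid:logo" width="120" height="40">
</body></html>"""

class AdjacentImageFinder(HTMLParser):
    """Collect runs of 2+ <img> tags with no visible text between them."""
    def __init__(self):
        super().__init__()
        self.runs, self._run = [], []

    def _flush(self):
        if len(self._run) >= 2:
            self.runs.append(self._run)
        self._run = []

    def handle_starttag(self, tag, attrs):
        if tag == "img":
            a = dict(attrs)
            self._run.append((a.get("src", ""), a.get("width"), a.get("height")))

    def handle_data(self, data):
        if data.strip():  # visible text ends the current run
            self._flush()

    def close(self):
        super().close()
        self._flush()

def split_image_candidates(html):
    """Return image groups to composite and QR-decode as one picture."""
    finder = AdjacentImageFinder()
    finder.feed(html)
    finder.close()
    results = []
    for run in finder.runs:
        widths = {w for _, w, _ in run}
        heights = {h for _, _, h in run}
        same_w = len(widths) == 1 and None not in widths
        same_h = len(heights) == 1 and None not in heights
        layout = ("either" if same_w and same_h else "side_by_side" if same_h
                  else "stacked" if same_w else "unknown")
        results.append({"srcs": [s for s, _, _ in run], "layout": layout})
    return results

if __name__ == "__main__":
    print(split_image_candidates(SAMPLE))
```

Each returned group is only a candidate: the scanning pipeline still has to composite the images in the suggested layout and run its QR decoder and URL analysis on the result.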

Nested QR Codes Create Detection Ambiguity

The Tycoon 2FA PhaaS platform has deployed another evasion technique involving nested QR codes, where malicious codes are embedded within or around legitimate QR codes.


This method creates detection ambiguity by presenting scanners with conflicting results: the outer QR code points to a malicious URL, while the inner code leads to legitimate destinations like Google. The overlapping structure complicates automated analysis and can fool both security systems and users.

Advanced Defense Strategies Required

These evolving attack vectors highlight the limitations of traditional security measures and the necessity for multilayered protection strategies. Organizations must implement comprehensive defenses including security awareness training, multifactor authentication, and robust spam filters.

However, the most effective approach involves deploying multimodal AI capabilities that can render attachment images to visually locate QR codes, decode their content, analyze destination URLs, and execute suspicious links in sandbox environments.


Multimodal AI systems enhance detection by using machine learning to analyze QR code structure and pixel patterns without requiring content extraction.

Barracuda’s multimodal AI combines OCR, deep image processing, and natural language models to detect image-based phishing emails, even those containing only QR codes.

As attackers continue innovating their quishing techniques, security solutions must evolve correspondingly to protect against these sophisticated social engineering attacks that exploit both technological vulnerabilities and human trust in everyday digital interactions.


The post QR Code Traps – How Hackers Turn Everyday Scans into Data Theft appeared first on Cyber Security News.

rssfeeds-admin
