Hackers are spreading QR code malware through...the post?


  • Swiss citizens warned about fake ‘Alertswiss app’
  • Malicious app deploys a variant of the Coper trojan
  • Keystrokes, 2FA codes and credentials are at risk

The Swiss National Cyber Security Centre (NCSC) is warning the public about a recent malware campaign targeting citizens via the country’s postal service.

Residents are reportedly receiving letters through the post from what they believe to be the Federal Office of Meteorology and Climatology, urging them to install a fraudulent weather app.

The letters include a QR code to facilitate the download of the Android-based ‘Severe Weather Warning App,’ which masquerades as the nation’s Alertswiss app.

Swiss citizens targeted by QR code malware

Using QR codes to spread malware isn’t new, but attack vectors can vary widely. When accessing online content, users should always be cautious of telltale signs that suggest the content they’re accessing is not legitimate.

In this case, the malicious app is labelled ‘AlertSwiss,’ whereas the genuine app is labelled ‘Alertswiss.’ It also has a slightly different icon. Furthermore, the app is distributed via a third-party website, rather than Google’s own Play Store, which is another key red flag.

Upon installation, the app deploys a Coper trojan variant that logs keystrokes, intercepts two-factor authentication messages and steals banking credentials by targeting apps installed on the victim’s device. According to the public warning, it has access to more than 383 smartphone apps.

The app also communicates with command-and-control servers, and can present phishing screens to obtain sensitive information from the victims.

The NCSC said that this was the first time that malware had been delivered through physical mail in the country: “The letters look official with the correct logo of the Federal Office for Meteorology and thus trustworthy.”

Citizens targeted by the letter are being urged to report it to the NCSC. Those who have already downloaded the app should reset their phones to factory settings.

Via The Register

Craig Hale
