Dustin Decker

QR Codes and qrDecoder

Quick Response (QR) codes are two-dimensional barcodes that can store a variety of data, such as alphanumeric text, URLs, or other binary data. They were initially created by Denso Wave, a subsidiary of Toyota, in 1994 for tracking automotive parts during manufacturing. QR codes have gained widespread popularity due to their ability to store large amounts of information and their ease of use.

QR codes can be scanned using a smartphone or dedicated QR code reader, allowing users to quickly access information, websites, or other digital content. They are commonly used for various purposes, including product labeling, mobile payments, ticketing, and marketing.

This QR Code contains URL https://sans.edu

I’ve coded and published a python script, qrDecoder. For a given QR code image it will decode the URL and submit to VirusTotal for safety rating.

Usage: python script.py qr_code.png

You will need to visit virustotal.com and obtain your own API code.

Create .evn file with contents:
VIRUSTOTAL_API_KEY=YOUR_API_KEY_GOES_HERE

Security Risks Associated with QR Codes:

While QR codes offer convenience and efficiency, they also pose certain security risks. Here are some potential concerns:

Malicious Codes: Cybercriminals may create QR codes that, when scanned, redirect users to malicious websites, download malware, or initiate phishing attacks. Users should be cautious about scanning QR codes from unknown or untrusted sources.
Data Privacy: QR codes can encode sensitive information, such as personal details or financial data. If the QR code is not properly secured or the information it contains is not adequately protected, there is a risk of unauthorized access and data breaches.
URL Spoofing: Attackers may create QR codes with deceptive URLs that closely resemble legitimate websites. Unsuspecting users who scan these codes may be directed to fraudulent sites designed to steal login credentials or other sensitive information.
Insecure QR Code Readers: Some QR code scanning apps or devices may have security vulnerabilities that could be exploited by attackers. It’s essential to keep QR code reader applications updated to the latest versions with security patches.
Physical Tampering: In some cases, attackers may physically alter QR codes, either by placing stickers over legitimate codes or by creating counterfeit labels. This can lead users to unintended destinations or compromise the integrity of the information being conveyed.

To mitigate these risks, users are advised to:

Only scan QR codes from trusted sources.
Ensure that QR code reader applications are up-to-date.
Verify URLs before visiting websites obtained from QR codes.
Be cautious when scanning QR codes in public places or on unfamiliar items.
Regularly check for any unauthorized activities or changes in account information related to QR code scans.

By staying vigilant and following best practices, users can use QR codes safely and minimize the associated security risks.

Dustin Decker

Hello World! My name is Dustin Decker, and I am a full-time security researcher and student with over twenty years of experience as an information systems engineer. I am currently beginning my senior year pursuing my second bachelor’s degree in applied Cybersecurity (BACS) with the SANS Technology Institute. I anticipate graduating in May of 2024. I am a skilled Information Security Analyst with expertise in risk management framework (RMF), systems development life cycle (SDLC), security life cycle, management of a wide range of vulnerabilities and threats, fundamental business analysis, and project management. Skills: Microsoft Azure FedRAMP, Puppet, Artifactory, Django, Riverbed Steelscript, Riverbed SteelCentral NetShark, Vagrant, Chocolatey, MuleSoft, PostgreSQL, JavaScript, BASH Scripting, PowerShell, RHEL, DevOps, Docker, Visual Studio, BeEf, Bucket Finder, TLS-Scan, CeWL, JQ, Masscan, Metasploit/Meterpreter, Zenmap, Nmap, Mimikatz, SpiderFoot, Unshadow + John, Volatility, and personal new favorite: SRUM-Dump. I specialize in providing IT security expertise and guidance in support of security assessments and continuous monitoring for government (FISMA & NIST) and commercial clients. I am comfortable in heterogenous environments with tens of thousands of hosts.

01/07/2024

Python, Security Musings, Totally Random Tech Information

download, python, scripts

Meet Dustin Decker, an accomplished information security research analyst with a wealth of expertise in daily cyber defense, incident response, intrusion detection, and network forensics.