Hackers are spreading QR code malware through...the post?
Swiss residents are receiving QR codes for malware in the mail
TechRadar · News · By Craig Hale, published 18 November 2024
- Swiss citizens warned about fake ‘Alertswiss app’
- Malicious app deploys a variant of the Coper trojan
- Keystrokes, 2FA codes and credentials are at risk
The Swiss National Cyber Security Centre (NCSC) is warning the public about a recent malware campaign targeting citizens via the country’s postal service.
Residents are reportedly receiving letters through the post from what they believe to be the Federal Office of Meteorology and Climatology, urging them to install a fraudulent weather app.
The letters include a QR code to facilitate the download of the Android-based ‘Severe Weather Warning App,’ which masquerades as the nation’s Alertswiss app.
Swiss citizens targeted by QR code malware
Using QR codes to spread malware isn’t new; however, attack vectors can vary widely. When accessing online content, users should always be cautious of telltale signs that suggest the content they’re accessing is not legitimate.
In this case, the malicious app is labelled ‘AlertSwiss,’ whereas the genuine app is labelled ‘Alertswiss.’ It also has a slightly different icon. Furthermore, the app is distributed via a third-party website, rather than Google’s own Play Store, which is another key red flag.
Upon installation, the app deploys a Coper trojan variant that logs keystrokes, intercepts two-factor authentication messages and steals banking credentials by targeting apps installed on the victim’s device. According to the public warning, it has access to more than 383 smartphone apps.
The app also communicates with command-and-control servers, and can present phishing screens to obtain sensitive information from the victims.