Hackers use cards from the ‘Squid Game’ series to steal sensitive data with QR codes

Over the past few weeks, the TV series ‘The Squid Game’ has become a worldwide phenomenon among Netflix users and, as usual, threat actors are already looking for the best way to take advantage of its popularity, so it is necessary to remain alert.

Police in Gijón, Spain, have alerted residents to a cybercriminal group that has been leaving cards themed on the series, with a QR code on the back, in random public places, including shopping malls, parks and public transport stations. As in the South Korean production, the cards are printed with images of a square, a triangle and a circle.

For those who have not seen the series: in the story, these cards are given to candidates as an invitation to take part in a game of life and death, so finding one on the street could be attractive to fans. However, the authorities recommend not scanning the QR code printed on the card, as there is a risk that doing so will redirect users to malicious websites created specifically to steal their confidential information and infect their mobile devices with malware.

This attack method, known as QRshing, is a social engineering tactic in which a target user is led to scan a QR code that takes them to an insecure website, where they are asked to hand over login credentials, phone numbers, and even biometric data for malicious purposes. Although more data is needed to confirm it, the authorities believe that the purpose of this Squid Game campaign could be the theft of login credentials.

As mentioned above, data theft is not the only risk stemming from a campaign like this: the attackers’ website could also be loaded with mobile malware which, once installed on the affected system, would allow the deployment of second-stage attacks.

The main recommendation of cybersecurity experts is to ignore these QR codes completely. If you have already scanned one, avoid entering any data on these platforms and check the recent downloads on your device for any traces of unauthorized activity.
