Search This Blog

Powered by Blogger.

Blog Archive

Labels

Cybersecurity expert assessed the risks of QR code theft

He also gave advice on how to avoid stealing information about vaccination

 Stealing a QR code to confirm vaccination against coronavirus infection is theoretically possible. Cybersecurity specialist Sergey Vakulin told about this on October 26.

According to the expert, hackers can get to the QR code through remote access to the device on which the data is stored. They can also steal the code using a photo or video recording.

To avoid stealing information about vaccination with the help of video cameras or cameras, Vakulin recommended not to disclose the document in public places. In this case, the attacker will not be able to fix the QR code or the certificate ID.

“Even if a certificate identifier is obtained, an attacker can generate it himself with the help of a QR code constructor for a redirect to a government services website that stores information about certificates,” the specialist explained.

The expert warned that attackers can not only use the information received, but also sell it.

Roskomnadzor reported that since March 2021, 3,816 Internet resources that sold fake COVID-19 vaccination certificates and generated fake QR codes for attending public events have been removed or blocked.

In addition, Head of the Gamaleya Center academician Alexander Gintsburg noted that QR codes will remain an important element in the fight against COVID-19 until the necessary level of collective immunity can be achieved.

On October 25, the Ministry of Health approved the modified format of the COVID-19 vaccination certificate, which will consist of two sheets with a QR code and personal data of the patient with information about the vaccination, as well as contraindications and the coronavirus disease.

Recently, residents of Moscow were warned about a new type of fraud. Scammers call and offer to link a QR code confirming vaccination against coronavirus to bank or social cards. As a result, the money was debited from the account.

Share it:

Cyber Security