According to Kaspersky, seller of the $10 Kaspersky antivirus app for Android, Android viruses are getting worse. Well, not really worse, just different. The latest attack vector comes in the form of malicious QR Codes. When you scan a QR code, your phone turns those funky squares into a URL. Just like any other form of URL obfuscation (eg, shorteners), that URL can go to a naughty place. Said naughty place could give you a virus.
Oh, I'm sorry, are you used to a little more hyperbole in your Android virus stories? ZDNet can help with that: "Hackers using QR codes to push Android malware ... Once a user scans the QR code, the code redirects them to a site that will install a Trojan on their phones."
That's sounds scary, but lets go over the parts they left out.
- Naughty QR Code starts a download of Virus.APK
- You pull down the notification bar and click on the downloaded APK to install it
- The APK presents it's list of (probably ridiculous) permissions
- You ignore the permissions and click install
- You now have a virus
If this sounds like something you just can't avoid doing, Kaspersky will be happy to take your 10 dollars.