QR codes a powerful new phishing weapon in hands of Pyongyang cyberspies

Source: The Register

North Korean government hackers are turning QR codes into credential-stealing weapons, the FBI has warned, as Pyongyang's spies find new ways to duck enterprise security and help themselves to cloud logins. In an advisory published this week, the agency said the Nork-linked "Kimsuky" group has been embedding malicious URLs inside QR codes delivered in carefully-crafted spear phishing emails, a technique the industry is now calling "quishing." When a target scans the booby-trapped code, usually on a phone that security teams have little visibility into, they are redirected to attacker-run pages posing as Microsoft 365, Okta, or VPN portals, where credentials and session tokens are quietly stolen and later reused to bypass multi-factor authentication. Full Story