Saya kurang mengerti kaitan antivirus dengan keamanan QR Code. -snip-
Karena bisa saja pada QR Code tersebut terdapat URL berbahaya yang berisi malware yang dapat mengekstrak data dari ponsel ketika di scan atau bisa juga berisi link URL yang mengarah ke situs phising. Nah antivirus ini difungsikan sebagai salah satu langkah preventif untuk meminimalisir adanya malicious software yang otomatis terdownload baik ketika proses scan QR code ataupun ketika membuka URL link yang tertera didalamnya.
Attackers can embed malicious URLs containing custom malware into a QR code which could then exfiltrate data from a mobile device when scanned. It is also possible to embed a malicious URL into a QR code that directs to a phishing site, where unsuspecting users could disclose personal or financial information.
Because humans cannot read QR codes, it is easy for attackers to alter a QR code to point to an alternative resource without being detected. While many people are aware that QR codes can open a URL, they can be less aware of the other actions that QR codes can initiate on a user’s device. Aside from opening a website, these actions can include adding contacts or composing emails. This element of surprise can make QR code security threats especially problematic.
A typical attack involves placing malicious QR codes in public, sometimes covering up legitimate QR codes. Unsuspecting users who scan the code are taken to a malicious web page which could host an exploit kit, leading to device compromise or a spoofed login page to steal user credentials. Some websites do drive-by downloads, so simply visiting the site can initiate a malicious software download.
Mobile devices, in general, tend to be less secure than computers or laptops. Since QR codes are used on mobile devices, this increases the potential risks.