Annual Plan Discounts. Up to 30% OFF

This Hacker Created a QR Code Generator to Sneak Into Fancy Airport Lounges for Free. Who Wouldn’t Want That?

Nowadays, waiting for a delayed flight is not a tedious or even infuriating experience as it used to be. At least for some, of course.

Instead of having to roam for hours in a crowded space, travelers can gain access to fancy airport lounges. It’s all about the comfort, you see? In a first class airport lounge you can rest, shower, have a drink or even buy goods at duty-free shops.

So, what happens if there’s an error and your special QR code based credentials are revoked, thus leaving you out of the heavenly airport lounge? Well, you could just go to the information desk and complaint about it… or you could create a dedicated QR code generator to hack your own QR codes… Just kidding, don’t do it.

The thing is that someone did just that. Przemek Jaroszewski, the head of Poland’s Computer Emergency Response Team and a frequent flyer who has a gold status, wasn’t allowed inside Warsaw’s airport lounge due to a technical error. It so happens that the automated boarding pass reader rejected Przemek QR code.

This issue inspired Przemek to put his hacker skills into “good” use. He developed an Android based QR code generator in which he can create QR codes with fake flight information that can be read by the lounge scanners with no problem whatsoever.

This video uploaded by Przemek himself shows how he bypassed the system in real time. It’s worth to watch.

Przemek is not trying to get away with this (he’d rather avoid the FBI). Instead, he is trying to prove a point. His app, which has been tested in several airports all across Europe, has led him to the conclusion that airport lounges only validate travelers with real flight numbers. They don’t cross-check personal information within the code itself.

This is a major security flaw that can be easily exploited by anyone. Travelers could get access to airport lounges and buy products that are exempt from taxes, without having their own flight ticket.

Wired’s article explains that “fake boarding passes are hardly a new hacker trick”. And we couldn’t agree more. But what about the QR codes themselves? If hackers can generate QR codes to forge credentials, what is stopping them from creating codes that when scanned can infect your mobile device with a virus? The simple answer would be to scan using a secure QR code reader.

Where can you get a Secure QR Code Scanner?

QR codes are usually accompanied by some sort of contextual information. This not only provides motivation for you to scan it but it also helps you feel safe that QR code’s link is not malicious. You wouldn’t just scan a random code and hope nothing bad happens.

In any case, if you accidentally happen to scan a QR code that distributes malware, chances are you wouldn’t have noticed it. Your QR code reader might no be able to check the QR code’s content and determine whether or not it’s safe to open.

In our search for the best QR code scanners out there, we’ve stumbled upon one in particular that outshines the others when dealing with this sensitive issue: Kaspersky’s QR Scanner

Kaspersky's QR Scanner

Kaspersky Lab is a company that excels at providing IT security services for consumers and businesses alike. Their software catalogue includes ad cleaner, password manager, safe browser and more. They even offer corporate products like file server security and systems management.

Kaspersky’s QR Scanner, it works as you’d expect: point your mobile device’s camera at the code and the app will do the rest. But instead of giving you the option to open the link on your browser right away, it’ll take an extra second to verify if the content is legitimate. If it’s not, it will let you know if there’s a phishing or malicious link.

As far as QR code readers go, Kaspersky brought something unique to the table that relates to those who want to be on the safe side after scanning a QR code; all of us, for that matter. Plus, the app is free 🙂

Heading back to the lounge

Przemek Jaroszewski’s experiment poses a problem that needs to be resolved sooner rather than later. Aside from the obvious which is that lounges are meant to be accessed by VIPs, the real deal here is that through the use of QR codes hackers can achieve a great many things.

Personal information could be retrieved, your device’s storage could get corrupted, mobile payments could be made without your consent… All of this can be prevented by double-checking… or installing Kaspersky’s QR Scanner. No more blind scanning QR codes!

Share on facebook
Share on twitter
Share on linkedin
Share on whatsapp
Share on email

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Discover why Fortune 100 companies choose to work with us every day.

More from uQR.me

The Impact of QR Codes in Hospitals

The medical industry relies on technology to keep abreast of advancements. Learn more about how the technology can help your health practice.

Are QR codes safe? Tips & tricks for a more secure mobile marketing

As the world rolls into August 2021, we’ve recently observed a pretty important global milestone – 500 days of Covid.

Things certainly aren’t the same – and while the daily headlines ensure we don’t lose track of the big changes, there have been a few that have surprisingly flown under the radar – and could still pose major concerns regarding our security and safety in an increasingly digital world.

Merry Christmas and Happy New Year with QR codes

Merry Christmas and Happy New Year with QR codes!

2020 was a challenging year, to say the least. COVID-19 took the world by storm, and we, as a society, had to quickly adapt to what we now call the new normal. It has been challenging, but thankfully, hope comes as 2020 ends and 2021 begins. A new future awaits us, and QR codes will play a big part in its unraveling. In fact, they have proven that already by helping us stay safe during these hard times.