saas-attacks

Potential new technique - QRLJacking

Open • ajpc500 opened this issue 6 months ago • 0 comments

Is it worth adding QRLJacking as an Initial access vector?

It's currently missing from ATT&CK, and with ITW use and a very SaaS-native feel to it, it might be a good addition.

Refs:

  • Abuse from Star Blizzard: https://www.microsoft.com/en-us/security/blog/2025/01/16/new-star-blizzard-spear-phishing-campaign-targets-whatsapp-accounts/
  • Research post from Kuba Gretzky: https://breakdev.org/evilqr-phishing/

ajpc500, Jul 13 '25 08:07