"Tencent Acknowledges Using Poisoned QR Code on QQ Chat Platform Attack"

Chinese Internet company Tencent has confirmed a significant account hijacking attack on its messaging and social networking platform QQ. A number of QQ users claimed that their login credentials were no longer giving them access to their accounts. Tencent refers to this issue as "stolen" accounts. Tencent claims that the problem started when scammers uploaded QR codes offering gaming logins. After scanning the codes, users were given the option to verify using their QQ login information. The malicious actors hijacked and recorded the login behavior, which was later used by the criminals to send "bad picture ads." This also resulted in users getting locked out of their accounts. China is likely interested in Tencent and whoever created the malicious QR codes, given that the country recently made it clear that it wants its digital titans to take their responsibilities to the country seriously. If it is found that Tencent did not offer sufficient protection to prevent this issue, it might receive a "rectification notice." This article continues to discuss the poisoned QR code attack on the QQ chat platform. 

CyberIntelMag reports "Tencent Acknowledges Using Poisoned QR Code on QQ Chat Platform Attack"