Always something new… As these kinds of codes are mainly used on mobile phones (or only used on mobile phones) the malware actually addresses smartphones “only” – in this case Android: Hackers using QR codes to push Android malware. If you use a code such as this (source: ZDnet Article referenced):
You will be redirected to a website hosting the malware.
How often do you use these codes? I am using the gettag below since quite a while and get quite some click-through but personally I am not using them too often.
Anyway: Another attack vector to trick users into doing something they do not want.