• Hackers are sneaking malware into SVG images to bypass antivirus

    From TechnologyDaily@1337:1/100 to All on Mon Sep 8 18:45:09 2025
    Hackers are sneaking malware into SVG images to bypass antivirus - here's
    what we know

    Date:
    Mon, 08 Sep 2025 17:32:00 +0000

    Description:
    SVG files used to trick people into downloading malicious DLLs.

    FULL STORY
    ======================================================================
    Hackers use malicious SVG files to mimic Colombia's judicial system
    Victims download fake ZIPs that install malware via a renamed browser and DLL
    Over 500 files found; likely spread through phishing, mostly targeting Colombians

    Hackers are sharing malicious SVG files which spoof real-life websites in order to trick victims into downloading damaging items.

    Cybersecurity researchers at VirusTotal spotted the malware after adding support for SVG to their AI-powered Code Insight platform.

    Scalable Vector Graphics (SVG) files are used to display images that stay sharp at any size. Since they're based on XML, they can contain not just shapes but also scripts and embedded code, and attackers can exploit this by hiding malicious JavaScript or links inside an SVG. The file can then trigger drive-by downloads, phishing redirects, or script execution when opened in a browser.

    500+ SVG files

    In this campaign, SVG files opened with a browser rendered a credible-looking website of Colombia's judicial system, also displaying a fake download progress bar. Once the download is completed, the users are prompted to save
    a password-protected ZIP archive to their computers.

    The SVG files are most likely shared through phishing messages, spoofing a court order email or something similar.

    "The fake portal is rendered exactly as described, simulating an official government document download process," VirusTotal said in its report. "The phishing site includes case numbers, security tokens, and visual cues to
    build trust, all of it crafted within an SVG file."

    The downloaded ZIP archive reportedly contained a legitimate executable from the Comodo Dragon web browser, renamed to look like an official judicial document, a malicious DLL, and two encrypted files. If the victim runs the browser, it triggers the DLL, installing additional malware onto the system.

    VirusTotal said that it has now identified more than 500 SVG files that were part of the same campaign but had flown under the radar of antivirus solutions and other endpoint protection platforms.

    We don't know a lot about the victims, other than that they are most likely Colombian.

    This isn't the first time SVG files have been used to carry out phishing attacks - back in February 2025, experts warned of a rising number of incidents with .SVG files in attachments.
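    Because an SVG is XML that can carry scripts, event handlers and script-scheme links, a mail gateway or triage script can flag active content before the file reaches a browser. The sketch below is an added example, not code from VirusTotal or the article; the tag, attribute and scheme lists and the sample documents are assumptions chosen for illustration, and a hit is a reason to inspect the file, not a verdict.

```python
import re
import xml.etree.ElementTree as ET

# Assumed watch lists for this illustration; tune them to your own policy.
ACTIVE_TAGS = {"script", "foreignObject", "iframe", "embed", "object"}
URL_ATTRS = {"href", "src"}
BAD_SCHEMES = ("javascript:", "data:text/html", "data:application")

# Constructed sample documents (not taken from the campaign).
SAMPLE_ACTIVE = b"""<svg xmlns="http://www.w3.org/2000/svg"
     xmlns:xlink="http://www.w3.org/1999/xlink" onload="init()">
  <script>/* constructed placeholder */</script>
  <a xlink:href="javascript:void(0)"><rect width="10" height="10"/></a>
  <foreignObject><div xmlns="http://www.w3.org/1999/xhtml">portal</div></foreignObject>
</svg>"""
SAMPLE_BENIGN = b'<svg xmlns="http://www.w3.org/2000/svg"><circle cx="5" cy="5" r="4"/></svg>'

def local(name):
    """Strip the '{namespace}' prefix ElementTree puts on tag/attribute names."""
    return name.rsplit("}", 1)[-1]

def scan_svg(data: bytes):
    """Return a sorted list of findings for active content in an SVG document."""
    # Stdlib ElementTree expands internal entities, so refuse entity
    # declarations (and NUL bytes, which indicate UTF-16) instead of parsing.
    if b"\x00" in data or b"<!ENTITY" in data:
        return ["entity-declaration"]
    try:
        root = ET.fromstring(data)
    except ET.ParseError:
        return ["unparseable"]
    findings = set()
    for el in root.iter():
        tag = local(el.tag)
        if tag in ACTIVE_TAGS:
            findings.add(f"element:{tag}")
        for name, value in el.attrib.items():
            attr = local(name).lower()
            # Drop whitespace and case so padded or mixed-case schemes still match.
            val = re.sub(r"\s+", "", value).lower()
            if attr.startswith("on"):
                findings.add(f"handler:{attr}")
            elif attr in URL_ATTRS and val.startswith(BAD_SCHEMES):
                findings.add(f"url:{attr}")
    return sorted(findings)

if __name__ == "__main__":
    for label, doc in (("active", SAMPLE_ACTIVE), ("benign", SAMPLE_BENIGN)):
        print(label, scan_svg(doc))
```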

    Via BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/hackers-are-sneaking-malware-into-svg-images-to-bypass-antivirus-heres-what-we-know


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)