BleepingComputer reports that more threat actors were discovered by MalwareHunterTeam to have been leveraging Scalable Vector Graphics attachments to facilitate stealthier phishing or malware attacks.
While SVG primarily enables the crafting of images using text, lines, and shapes in code rather than pixels, such files could also be utilized to show HTML and facilitate JavaScript execution in credential-stealing phishing forms, with BleepingComputer noting the discovery of an SVG attachment showing a phony Excel spreadsheet with a login form that allowed data exfiltration. Attackers have also used SVG attachments spoofing official information requests that lure targets into downloading malware, as well as other SVG files with images that redirect to phishing forms. Such a threat, which has not yet been effectively detected by security software, should prompt individuals and organizations to be more vigilant of SVG attachments, with non-developers urged to immediately delete such emails.
