Hackers are increasingly using the scalable vector graphics (SVG) file format to conceal malware, scripts, and malicious HTML in phishing campaigns, bypassing email security filters.
SVG files accounted for 6.6% of malicious attachments in phishing emails in Q1, marking a 245% increase from the previous quarter.
Threat actors exploit the text-based nature and scalability of SVG files to automate redirects to malicious sites, facilitate credential harvesting, and distribute malware.
SVG-based attacks often involve polymorphic strategies and personalized phishing tactics to evade detection by secure email gateways.
SVGs can bypass security mechanisms because of their perceived legitimacy, their text-based format, their ability to embed code such as JavaScript, and their impersonation capabilities.
These files pose multiple threats, including XSS attacks, phishing schemes, file tampering, DoS vulnerabilities, and lateral movement by attackers within the network.
To mitigate SVG-based phishing risks, organizations are advised to authenticate email attachments, educate users on spotting malicious SVGs, disable script execution in browsers, control file uploads, and implement Content Security Policies (CSPs).