VirusTotal has uncovered a sophisticated phishing campaign that uses SVG (Scalable Vector Graphics) files to impersonate Colombia’s judicial system, tricking victims into downloading malware.
The discovery was made possible after the platform’s AI-powered Code Insight feature added support for analyzing SVGs, enabling it to detect malicious behavior that traditional antivirus engines missed.
SVG files are typically used to create images from lines, shapes, and text, but cybercriminals have increasingly exploited their ability to embed HTML using the element and execute JavaScript.
In this case, the attackers crafted SVGs that rendered convincing portals mimicking Colombia’s judiciary, complete with case numbers, security tokens, and official-looking design elements to inspire trust. When opened, the fake portal displayed a simulated download progress bar and instructed users to retrieve a password-protected ZIP archive.
The password itself was provided directly on the spoofed page, reinforcing the illusion of legitimacy.
Once extracted, the archive contained four files, including a legitimate executable from the Comodo Dragon web browser that had been renamed to appear as an official judicial document.
Alongside it was a malicious DLL designed for sideloading, as well as
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: