Hacking Using SVG Files to Smuggle QBot Malware onto Windows Systems


Scalable Vector Graphics (SVG) pictures contained in HTML email attachments are used in phishing attempts that use the Qakbot malware. The new method of dissemination was discovered by Cisco Talos, which claimed to have discovered phoney email messages with HTML attachments that contain SVG pictures that have been encoded using HTML script tags.

Instead of using HTTP to acquire the malware from a distant server, HTML smuggling runs encoded harmful code included within the lure attachment and assembles the payload on a victim’s computer using legal HTML and JavaScript features.

Read More…