Intel Name: An old vector for new attacks: how obfuscated svg files redirect victims
Date of Scan: April 7, 2025
Impact: High
Summary: The blog explores the growing use of Scalable Vector Graphics (SVG) files in phishing and malware campaigns. SVG files, which are based on XML, can embed malicious JavaScript, making them an attack vector. The blog focuses on one technique—standalone SVG attachments—where malicious files trigger automatic browser redirects when opened, bypassing URL scanning protections. Recent campaigns have used various themes, such as voice notes and bank transfer details, employing obfuscation tactics to evade detection and trick victims into visiting phishing sites.
