.. /.Svg

Phishing

Script

Double Click

Contributors:

mr.d0x

Description:

SVG files are two dimensional vector graphics created using XML. SVG files are usually launched via the default browser upon being double clicked. They can also contain JavaScript making them dangerous.

OS:

Windows

Mac

Recommendation:

Change the default application for SVG files to a text editor such as Notepad. If feasible, block SVG files at the email gateway.

Resources:

https://blog.filestack.com/api/stop-malicious-code-from-infiltrating-svg-files

https://www.bleepingcomputer.com/news/security/svg-image-format-set-for-wider-adoption-in-malware-distribution/

.. /.Svg

Contributors:

Description:

OS:

Recommendation:

Resources:

File Samples: