Attackers Hide JavaScript in SVG Images to Lure Users to Malicious Sites

Beware! SVG images are now being used with obfuscated JavaScript for stealthy redirect attacks via spoofed emails. Get insights from Ontinue’s latest research on detection and defence.

A new form of cyberattack is on the rise, with hackers now using seemingly harmless Scalable Vector Graphics (SVG) image files to sneak malicious code past traditional defences, reveals the latest research from the Ontinue Advanced Threat Operations team.

This technique, dubbed “SVG Smuggling” by researchers, weaponises these typically benign image files to redirect users to attacker-controlled websites without their knowledge. Ontinue’s findings, shared with Hackread.com, highlight these targeted attacks, primarily aimed at B2B Service Providers, including firms handling sensitive corporate data (like financial and employee information), Utilities, and SaaS providers, all frequently susceptible due to high email volumes.

Phishing Lure

The attack begins with deceptive emails crafted by cybercriminals using themes like “ToDoList,” “Missed Call,” or “Payment” notifications. These ...