BianLian Ransomware Spreads via Fake Invoice SVG Images in New Attacks

Researchers at WatchGuard have identified a new phishing campaign targeting companies in Venezuela. Using malicious SVG image files and clever redirection tricks, the BianLian ransomware group is bypassing traditional security to deploy high-speed AES encryption.

Companies across Venezuela are currently being targeted by a digital trap that uses everyday office images to bypass security. Researchers at the firm WatchGuard recently identified a wave of malicious files being downloaded by unsuspecting victims, with almost all of the activity concentrated in Venezuela. The attack begins with a simple phishing email containing an attachment that appears to be a routine invoice or budget.

How a Simple Image Becomes a Threat

We usually trust images more than links, which is exactly what these attackers are counting on. The emails contain SVG files, a common format for logos and graphics, with filenames written in Spanish to look legitimate. While these seem like pictures, they actually ...