A new phishing campaign exploits SVG files containing embedded scripts to perform browser redirects and evade detection. Targets include B2B service providers, with attackers using spoofed domains and low-reputation URLs to distribute malicious payloads.
Key points
- Cybercriminals utilize SVG files with embedded obfuscated JavaScript for browser redirects.
- SVG files are delivered through phishing emails that rely on spoofed domains and weak email authentication protocols.
- The malicious script decrypts a payload at runtime, enabling stealthy redirection without user interaction.
- The campaign mainly targets financial, utility, and SaaS organizations handling critical data.
- Defenders should treat inbound SVGs as executable content and enforce strict email authentication and filtering policies.
Read More: https://www.securityweek.com/threat-actors-use-svg-smuggling-for-browser-native-redirection/
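The last key point, treating inbound SVGs as executable content, can be enforced at a mail gateway or attachment pipeline with a check like the one below. This is an added example, not code from the article or from any vendor; the function name `scan_svg`, the tag and attribute lists, and the sample SVGs are assumptions constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Elements that can run or load active content inside an SVG (assumed list).
ACTIVE_TAGS = {"script", "foreignobject", "iframe", "embed", "object"}
URL_ATTRS = {"href", "src"}
ACTIVE_URL = ("javascript:", "data:text/html")


def local(name: str) -> str:
    """Strip an XML namespace: '{ns}script' -> 'script'."""
    return name.rsplit("}", 1)[-1].lower()


def scan_svg(data: bytes) -> list[str]:
    """Return the reasons an SVG attachment should be handled as executable."""
    # Refuse entity declarations outright instead of expanding them.
    if b"<!ENTITY" in data.upper():
        return ["entity declaration"]
    try:
        root = ET.fromstring(data)
    except ET.ParseError:
        return ["unparseable XML"]  # fail closed: quarantine what we cannot read
    findings = []
    for elem in root.iter():
        tag = local(elem.tag)
        if tag in ACTIVE_TAGS:
            findings.append(f"<{tag}> element")
        for attr, value in elem.attrib.items():
            name = local(attr)
            # Browsers ignore whitespace and control characters in a URL scheme.
            url = re.sub(r"[\x00-\x20]", "", value).lower()
            if name.startswith("on"):
                findings.append(f"event handler {name} on <{tag}>")
            elif name in URL_ATTRS and url.startswith(ACTIVE_URL):
                findings.append(f"active URL in {name} on <{tag}>")
    return findings


# Constructed samples; the script body is an inert placeholder.
NS = b'xmlns="http://www.w3.org/2000/svg"'
BENIGN = b"<svg " + NS + b'><circle cx="5" cy="5" r="4"/></svg>'
WITH_SCRIPT = b"<svg " + NS + b"><script><![CDATA[/* placeholder */]]></script></svg>"
WITH_HANDLER = b"<svg " + NS + b' onload="void 0"><rect width="1" height="1"/></svg>'

if __name__ == "__main__":
    for label, sample in [("benign", BENIGN), ("script", WITH_SCRIPT),
                          ("handler", WITH_HANDLER)]:
        print(label, scan_svg(sample) or "clean")
```

Any non-empty result is grounds to quarantine or strip the attachment rather than deliver it as an image.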