VirusTotal has uncovered a sophisticated phishing campaign using SVG files that impersonate Colombia’s judicial system to deliver malware. The use of AI-powered analysis enabled detection of these threats, which evade traditional antivirus scans.
Key points
- VirusTotal’s AI Code Insight platform can detect malicious behavior in SVG files used in phishing campaigns.
- The campaign involves SVG files displaying fake portals with HTML and JavaScript, tricking users into downloading malware.
- Threat actors create realistic portals with case numbers and security tokens to mimic official government sites.
- The phishing attack delivers a password-protected ZIP with malicious files, including a DLL and a legitimate browser executable.
- Support for SVGs in AI analysis tools significantly improves the ability to identify and expose hidden threats.
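
A defender-side static triage for the pattern described in the key points (SVG files that carry HTML and JavaScript), given as an added example that is not VirusTotal's tooling or code from the original page. The sample SVGs, the tag list, the decoder-name regex and the function names are all constructed assumptions.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: an SVG that embeds HTML via <foreignObject> plus a script.
SUSPICIOUS_SVG = """<svg xmlns="http://www.w3.org/2000/svg" width="400" height="200">
  <foreignObject width="400" height="200">
    <div xmlns="http://www.w3.org/1999/xhtml"><button id="dl">Download</button></div>
  </foreignObject>
  <script type="text/javascript"><![CDATA[
    var payload = atob("UEsDBA==");
  ]]></script>
</svg>"""

# Constructed sample: a plain image with no active content.
BENIGN_SVG = """<svg xmlns="http://www.w3.org/2000/svg" width="10" height="10">
  <rect width="10" height="10" fill="blue"/>
</svg>"""

# Assumed triage lists: elements that make an SVG render HTML or run code.
ACTIVE_TAGS = {"script", "foreignObject", "iframe", "embed", "object"}
JS_DECODERS = re.compile(r"\b(atob|eval|unescape|fromCharCode)\b")

def local(name):
    """Strip the '{namespace}' prefix ElementTree puts on names."""
    return name.rsplit("}", 1)[-1]

def triage_svg(text):
    """Return a sorted list of findings for active content in an SVG."""
    findings = set()
    try:
        root = ET.fromstring(text)
    except ET.ParseError:
        return ["unparseable-xml"]  # malformed SVG goes to manual review
    for el in root.iter():
        tag = local(el.tag)
        if tag in ACTIVE_TAGS:
            findings.add("element:" + tag)
        if tag == "script" and JS_DECODERS.search(el.text or ""):
            findings.add("script-decoder-call")
        for attr, value in el.attrib.items():
            name = local(attr).lower()
            if name.startswith("on"):  # onload, onclick, ...
                findings.add("event-handler:" + name)
            if name == "href" and value.strip().lower().startswith(("javascript:", "data:")):
                findings.add("active-href")
    return sorted(findings)
```

A static image has no need for any of these constructs, so a non-empty result is a reason to quarantine the attachment for closer analysis rather than a verdict on its own. For untrusted files, parse with a hardened XML parser such as `defusedxml`.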