VirusTotal Finds Undetected SVG Files

September 5, 2025

In a recent and alarming cybersecurity development, a phishing campaign has been uncovered that utilizes an unconventional and sophisticated method to deceive users. The attackers are leveraging Scalable Vector Graphics (SVG) files as the primary vector for their attacks. SVG is an XML-based vector graphics format that can be scripted, which is a key component of the attack’s success. These malicious SVG files are being distributed via email and are cleverly designed to impersonate official portals of the Colombian judicial system’s Office of the Attorney General. When a user opens the file, an embedded JavaScript payload is executed, which then decodes a Base64-encoded HTML phishing page.

The fake phishing page that users are redirected to is highly deceptive. It presents a simulated government document download, complete with a realistic-looking progress bar. While the user is focused on this fake download, a ZIP archive is being stealthily downloaded in the background. This tactic is particularly effective because it uses distraction to hide the true, malicious action taking place. A ZIP file is a common file archive format that can contain various types of files, including malware. While the specific nature of the ZIP file was not disclosed, this method of delivering a secondary payload is a hallmark of sophisticated cyber-attacks.

A key element of this campaign’s success is its ability to evade traditional cybersecurity measures.

The SVG files, as reported by VirusTotal, have remained undetected by numerous antivirus engines. This evasion is achieved through a combination of techniques, including obfuscation, polymorphism, and the inclusion of large amounts of junk code. Obfuscation makes the code difficult for security analysts and automated systems to understand, while polymorphism allows the malware to change its code with each infection, making signature-based detection ineffective. The junk code further confuses static analysis tools, allowing the malicious payload to slip through undetected.
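Because obfuscation, polymorphism and junk code change a file's bytes but not its structure, a defender can triage SVG attachments by what they contain rather than by signature. The following is an added example, not code from the article or from VirusTotal; the function names and the sample SVG are constructed for illustration, and the embedded page is a benign stand-in.

```python
import base64
import re
import xml.etree.ElementTree as ET

B64_RUN = re.compile(r"[A-Za-z0-9+/]{40,}={0,2}")  # long contiguous Base64 runs
HTML_MARKERS = (b"<html", b"<form", b"<body", b"<script", b"<!doctype")

def local(tag):
    """Strip the XML namespace: '{http://www.w3.org/2000/svg}script' -> 'script'."""
    return tag.rsplit("}", 1)[-1].lower()

def decodes_to_html(blob):
    """True if a Base64 run decodes to bytes that contain HTML markup."""
    blob = blob[: len(blob) - len(blob) % 4]  # trim to a decodable length
    try:
        raw = base64.b64decode(blob, validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return False
    return any(marker in raw.lower() for marker in HTML_MARKERS)

def triage_svg(svg_text):
    """Return a list of findings for one SVG document (static checks only)."""
    findings = []
    try:
        root = ET.fromstring(svg_text)
    except ET.ParseError as exc:
        return [f"unparseable XML: {exc}"]
    for el in root.iter():
        tag = local(el.tag)
        if tag in ("script", "foreignobject"):
            findings.append(f"active element <{tag}>")
        for name, value in el.attrib.items():
            attr = local(name)
            if attr.startswith("on"):
                findings.append(f"event handler {attr} on <{tag}>")
            if attr == "href" and value.strip().lower().startswith("javascript:"):
                findings.append(f"javascript: URL on <{tag}>")
        text = (el.text or "") + " ".join(el.attrib.values())
        for run in B64_RUN.findall(text):
            if decodes_to_html(run):
                findings.append(f"Base64 blob in <{tag}> decodes to HTML ({len(run)} chars)")
    return findings

# Constructed sample: a benign page, Base64-encoded inside a script as the article describes.
PAGE_B64 = base64.b64encode(b"<html><body><form>constructed sample</form></body></html>").decode()
SAMPLE_SVG = ('<svg xmlns="http://www.w3.org/2000/svg" onload="init()"><script><![CDATA['
              f'var p = atob("{PAGE_B64}");]]></script><rect width="10" height="10"/></svg>')
```

The check only sees contiguous Base64 strings, so a payload split across several string fragments needs script-aware analysis. For hostile input, parse with a hardened XML parser such as `defusedxml` instead of the standard-library parser.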

In a separate but equally concerning trend, cybersecurity researchers have also identified a new campaign targeting Apple macOS users with an information-stealing malware known as Atomic macOS Stealer (AMOS). The attackers are luring users by offering “cracked” versions of legitimate software on dubious websites. When users attempt to download and install this pirated software, they are tricked into executing malicious commands in their Terminal application. AMOS is a particularly dangerous form of infostealer malware because it is designed to steal a wide range of sensitive data, including credentials, browser data, cryptocurrency wallets, and even chat logs and files from common folders.

The AMOS attack chain is notable for its ability to bypass Apple’s built-in security features, such as Gatekeeper.

Gatekeeper is a macOS technology that checks for a developer’s digital signature and Apple’s notarization to ensure an application is free of known malware before allowing it to run. By tricking users into manually running commands in the Terminal, the attackers circumvent these protections entirely. This highlights a growing trend where attackers are not only exploiting technical vulnerabilities but are also leveraging social engineering to manipulate users into taking actions that compromise their own security, proving that even robust security measures can be defeated by human error.

Reference:

  • Virustotal Finds 44 SVG Files Deploying Base64 Encoded Pages For Phishing Attacks