The ISC warns of malicious Scalable Vector Graphics (SVG) “image files” that are circulating in the wild. While SVG files are rarely used, they can execute scripts and trick users into disclosing sensitive information or infect them with malware. The SVG file extension is a good one to add to the email blocking list and to avoid if encountered when visiting websites.

In November 2016, the Facebook Messenger application was used to deliver malicious SVG files to people. SVG files (or “Scalable Vector Graphics”) are vector images that can be displayed in most modern browsers (natively or via a specific plugin). More precisely, Internet Explorer 9 supports the basic SVG feature sets and IE10 extended the support by adding SVG 1.1 support. In the Microsoft Windows operating system, SVG files are handled by Internet Explorer by default.

From a file format point of view, SVG files are XML-based and can be viewed or edited in a regular text editor. Among the specifications of the SVG format, the W3C recommendation includes this one: all aspects of an SVG document can be accessed and manipulated using scripts in a similar way to HTML. The default scripting language is ECMAScript (closely related to JavaScript) and there are defined Document Object Model (DOM) objects for every SVG element and attribute.
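Because the format is plain XML, a mail or upload filter can check an SVG for script-capable content before deciding to block or quarantine it. The following Python sketch is an added example, not code from the ISC post; the function names and the sample documents are constructed for illustration, and the attribute checks are heuristics rather than a complete sanitizer.

```python
import xml.etree.ElementTree as ET

def local_name(name: str) -> str:
    """Strip the '{namespace}' prefix ElementTree puts on tag and attribute names."""
    return name.rsplit("}", 1)[-1].lower()

def scan_svg(data: bytes) -> list[str]:
    """Return findings describing active (script-capable) content in an SVG."""
    # Ordinary images do not need entity declarations, and they can be abused
    # for entity expansion, so flag them without handing the data to the parser.
    if b"<!ENTITY" in data.upper():
        return ["entity declaration (not parsed)"]
    try:
        root = ET.fromstring(data)
    except ET.ParseError as exc:
        return [f"malformed XML: {exc}"]
    findings = []
    for el in root.iter():
        tag = local_name(el.tag)
        if tag == "script":
            findings.append("<script> element")
        elif tag == "foreignobject":
            findings.append("<foreignObject> element (can embed HTML)")
        for attr, value in el.attrib.items():
            name = local_name(attr)
            target = value.strip().lower()
            if name.startswith("on"):  # onload, onclick, ... (heuristic)
                findings.append(f"event handler attribute {name} on <{tag}>")
            elif name == "href" and target.startswith(("javascript:", "data:text/html")):
                findings.append(f"scripted href on <{tag}>")
    return findings

# Constructed samples: a plain drawing, and one carrying inert placeholder script.
BENIGN = b'<svg xmlns="http://www.w3.org/2000/svg"><circle r="5"/></svg>'
ACTIVE = (
    b'<svg xmlns="http://www.w3.org/2000/svg" '
    b'xmlns:xlink="http://www.w3.org/1999/xlink" onload="init()">'
    b'<script type="text/ecmascript">/* placeholder */</script>'
    b'<a xlink:href="javascript:void(0)"><rect width="1" height="1"/></a>'
    b'</svg>'
)

if __name__ == "__main__":
    for label, doc in (("benign", BENIGN), ("active", ACTIVE)):
        print(label, scan_svg(doc))
```

Any non-empty result is a reason to treat the attachment as active content rather than as an image.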