
SVG Files Used in Hidden Malware Campaign Impersonating Colombian Authorities
VirusTotal has uncovered a sophisticated malware campaign that uses SVG files to impersonate the Colombian judicial system. The SVG files carry hidden JavaScript that deploys fake login pages mimicking Colombia's Fiscalía General de la Nación, a tactic designed to steal credentials and distribute malware. Notably, the campaign also uses outdated SWF files, indicating that attackers continue to exploit older vulnerabilities. The campaign underscores the evolving tactics of cybercriminals, who are increasingly using non-traditional file formats to evade detection.

Organizations should inspect SVG files for embedded scripts, educate users on phishing risks, and maintain comprehensive patch management to mitigate vulnerabilities related to outdated file formats. Network monitoring is also crucial for detecting and blocking suspicious activity. This incident highlights the importance of staying vigilant against emerging threats and maintaining robust cybersecurity practices.