
Ukrainian National Police Impersonated in Fileless Phishing Attacks Using Malicious SVG Files
Attackers are impersonating the Ukrainian National Police to deploy Amatera Stealer and PureMiner malware through malicious Scalable Vector Graphics (SVG) files. This fileless phishing attack uses SVG files to execute malicious code directly in the victim's browser, bypassing traditional file-based detection methods. Amatera Stealer is designed to exfiltrate sensitive information, while PureMiner is a cryptocurrency miner that uses the victim's computational resources.

The use of SVG files for malware delivery shows how cybercriminals are increasingly turning to non-traditional file formats to evade detection. The attack underscores the importance of user education, advanced endpoint protection, and continuous network monitoring for detecting and mitigating such threats. Organizations should implement robust email filtering, keep browser security settings up to date, and maintain a well-defined incident response plan to address similar attacks effectively.