Beware: Scalable Vector Graphics Files Are A New Ransomware Threat

Creative cyber criminals are taking advantage of Facebook's compatibility with SVG images to infect victims with ransomware. SVG (scalable vector graphics) files are dangerous on social media sites, email, and even instant messaging tools, as this format is designed with the ability to contain embedded content code such as JavaScript, which can be opened via Web browser. 

A recent incident involved spammers that leveraged Facebook to conduct a campaign to infect unsuspecting victims with the Locky ransomware. This malware is unforgiving and is designed to encrypt users’ files and hold them for extortion.

SVG images are also used on websites, making them a target. If attackers hack a website and replace the current SVG files with ones containing malware, then visitors to that site may become infected. By the time the company realizes its Web page has been infecting its customers, the situation may turn into a catastrophic business debacle.

Many organizations implement strong precautions and security to protect their internal networks from external threats, but not as many are vigilant in watching code on their websites for minor graphical changes.

Technology is great and can be used to do wonderful things. SVG files offer many advantages as graphics go, but they can be abused. Without sufficient controls to protect potential victims, I recommend blocking SVG files on social media sites. Although extreme, it may be prudent to also abandon the use of SVG images on websites until security software can catch up with features to test such embedded code for malicious actions with a high degree of confidence.

Interested in more? Follow me on Twitter (@Matt_Rosenquist) and LinkedIn to hear insights and what is going on in cybersecurity.