New Malware Spreading On Facebook In The Form Of .SVG Image Files

  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  

A new strain of malware has recently been discovered spreading on Facebook using innocent-looking image files to infect your computer. According to a security researchers: the malware comes in the form of .SVG image files, which are sent from compromised Facebook accounts. SVG image files which are not like other common file types, it has the ability to contain embedded content like JavaScript.

What is an .SVG file?

Scalable Vector Graphics (SVG) is an XML-based vector image format for two-dimensional graphics with support for interactivity and animation. The SVG specification is an open standard developed by the World Wide Web Consortium (W3C) since 1999.

How does the malware spread:

By clicking on the image sent, it redirects the user into a website posing as YouTube. After redirecting to that particular website the page will then ask the user to download a certain codec extension in Google Chrome in order to view the video, and this is where malware is injected.

1479726613_fb_nemucod

Installing the purported extension will give it the capability to alter user’s data regarding websites they visit. This was discovered by Bart Blaze, a security researcher where he explains that the extension will also spread the malware further on Facebook, compromising the victim’s account.

1479726814_capture_story

It is not clear on how the SVG files bypassed Facebook’s file extension filter, which only accepts a set number of extensions. However Facebook’s security team has been reportedly notified about this and  now the malicious Chrome extension has also been removed.

The following two tabs change content below.

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]

Leave a Reply