Hackers Attacking Cyberspace with Weaponized SVG Files

Scalable Vector Graphics (SVG) files have been repurposed by cybercriminals to distribute malware; this is a strategy that has changed dramatically with the release of the AutoSmuggle program. Launched in May 2022, AutoSmuggle makes it simpler for attackers to get around security safeguards by enabling the insertion of malicious files within HTML or SVG content.

Deliveries of Prominent Malware through SVG Early on

Since 2015, SVG files have been improperly used to distribute malware, with ransomware being one of the first to be distributed via this method. SVG files were utilized in January 2017 to download the virus Ursnif over URLs. The delivery of malware like QakBot using SVGs via embedded.zip packages marked a paradigm change in 2022 from external downloads to HTML smuggling methods.


The Role of AutoSmuggle in Malware Campaigns

The 2022 release of AutoSmuggle on GitHub was a watershed moment. When the victim opens SVG/HTML files that the program has embedded with executable files or archives, the files are encrypted and ready for execution. Secure Email Gateways (SEGs), which normally identify and quarantine direct email attachments, are cleverly circumvented by this technique.


In December 2023 and January 2024, two noteworthy AutoSmuggle campaigns were launched, providing Agent Tesla Keylogger and XWorm RAT, respectively.

Techniques for Delivering Malware Using SVG

As per the CoFense research, here are some main ways in which hackers can deliver the malware using SVG files:

  1. JavaScript Direct Download: When the embedded URLs in the original SVG files were accessed, a malicious payload was downloaded. Later iterations showed a graphic to divert the user's attention while the download was happening.
  2. HTML Style Embedded Object: The malicious payload is embedded in more modern SVG files, thus no external resources are required. These files frequently rely on the victim's inquisitiveness to engage with the file that is sent.

Campaign Analysis: XWorm RAT & Agent Tesla

Emails with SVG files attached were the hallmarks of the Agent Tesla Keylogger campaign. These files opened an embedded.zip archive with a JavaScript code, which started a chain of downloads that eventually executed the keylogger.

Using three different infection chains—PDFs, embedded links, and direct SVG attachments—the XWorm RAT campaign took a different method, ultimately distributing the malware through several scripting files.

Campaigns Differ from AutoSmuggle

Analysis revealed that these campaigns' SVG files differed slightly from the default AutoSmuggle-generated files. For example, the SVGs used in the Agent Tesla campaign enhanced the illusion by redirecting to a webpage that looked real, Maersk.

In contrast, the XWorm RAT campaign SVGs used a less sophisticated strategy than the Agent Tesla effort, showing a blank page in place of an image.


SVG files are being used to spread malware, especially when AutoSmuggle is used. This indicates that the threat landscape is constantly changing as attackers find new ways to get around security measures. Gaining an understanding of these methods is essential to creating more potent defenses against such complex cyberattacks.