Cybercriminals have developed a new technique of hiding Javascript code in emails by using an invisible image. This technique allows the victim to be redirected to a compromised website without being detected by their computer’s security software. This type of attack is extremely dangerous as it bypasses filters and antivirus software, leaving the victims vulnerable to cyber threats.

Email security specialist, Avanan has discovered this new type of cyberattack that specifically targets attachments of e-mails. The attackers use a blank image to conceal the malicious code, making it difficult for security software to detect the attack.

The attackers often pretend to be a legitimate service such as DocuSign, a widely used electronic document signing service, in order to gain the trust of the victims. The email seems legitimate, and the button to access the document even refers to the DocuSign website. The attack is delivered in an attachment in .htm (HTML) format, which is an indication that the email is not legitimate.

It is important to be vigilant when opening attachments in emails, and to be aware of the latest cyber threats to protect yourself from potential attacks.

SVG vector image hides malicious JavaScript

A new type of cyberattack has been discovered that uses an HTML file containing a few lines of code, including an image in SVG vector format that is embedded in the HTML code and encoded in base 64. This technique is used to bypass filters and antivirus software, making it difficult for security software to detect the malicious code. Once decoded, the image contains JavaScript that redirects the victim’s browser to another page, which is used to infect the computer with malware or carry out a phishing attack.

The attack is triggered when the user clicks on the link in the message, which is why it is important to be cautious when opening attachments in emails. According to Avanan, even VirusTotal, which scans by combining more than 70 antivirus products, fails to detect the malicious code in this type of attack.

To protect against this type of attack, Avanan advises users to be wary of attachments in HTML format and recommends that administrators block such attachments as well as executable files. To ensure the safety of your computer and personal information, it is important to be vigilant when opening attachments in emails and to be aware of the latest cyber threats.