Hackers spread Malware in Blank Images
— The researchers of the Avanan information security company found that attackers bypass the VirusTotal service by introducing malware into empty images in emails.
— The main role in the attack is played by an HTM attachment sent together with a DocuSign link. The attachment contains an SVG image encoded using Base64. Although the image is empty, this file contains jаvascript code redirecting to a malicious URL where hackers further infect the user.
— This campaign differs from others in that it uses an empty image with active content inside. Such an image is not detected by traditional services such as VirusTotal, as the researchers explain.