SVG phishing campaign impersonating Colombia's judicial system
Campaign
Summary
Hide ▲
Show ▼
A phishing campaign hidden in SVG files is using fake portals impersonating Colombia's judicial system to deliver malware and evade security detection. The operation embeds JavaScript and HTML inside image files to display a fake government document download flow and prompt victims to fetch a password-protected ZIP. One analyzed sample had zero antivirus detections, showing how the lure bypassed conventional scanning. Investigators also tied 523 previously uploaded SVG files to the same campaign, indicating broader reach than the initial sample.
Related Happenings
TamperedChef malvertising campaign distributing backdoor malware through trojanized PDFs
Campaign
First: 16.01.2026 14:05
Last: 16.01.2026 14:05
Sources 1
About this happening:
The **TamperedChef** campaign is a **malvertising** operation that used **Google ads** and **more than 50 domains** to push a fake **AppSuite PDF Editor** and deliver the **Tamper...
TamperedChef malvertising campaign distributing backdoor malware through trojanized PDFs
CampaignAbout this happening: The **TamperedChef** campaign is a **malvertising** operation that used **Google ads** and **more than 50 domains** to push a fake **AppSuite PDF Editor** and deliver the **Tamper...
APT24 BadAudio multi-delivery espionage campaign
Campaign
First: 21.11.2025 00:12
Last: 21.11.2025 00:12
Sources 1
About this happening:
**APT24** is running a **three-year espionage campaign** with **BadAudio** that has expanded into multiple delivery methods, increasing the operation's reach and stealth. Since **...
APT24 BadAudio multi-delivery espionage campaign
CampaignAbout this happening: **APT24** is running a **three-year espionage campaign** with **BadAudio** that has expanded into multiple delivery methods, increasing the operation's reach and stealth. Since **...
Nimbus Manticore Western Europe critical infrastructure targeting campaign
Campaign
First: 23.09.2025 00:00
Last: 23.09.2025 00:00
Sources 1
About this happening:
The **Nimbus Manticore** campaign now targets **critical infrastructure** in **Western Europe**, expanding the group's reach beyond the Middle East and increasing the risk of cred...
Nimbus Manticore Western Europe critical infrastructure targeting campaign
CampaignAbout this happening: The **Nimbus Manticore** campaign now targets **critical infrastructure** in **Western Europe**, expanding the group's reach beyond the Middle East and increasing the risk of cred...
Fiscalía General de la Nación SVG phishing campaign
Campaign
First: 05.09.2025 09:13
Last: 05.09.2025 09:13
Sources 1
About this happening:
A **new SVG-based phishing campaign** is using email-delivered files to bypass detection and impersonate **Fiscalía General de la Nación**, increasing the risk of credential theft...
Fiscalía General de la Nación SVG phishing campaign
CampaignAbout this happening: A **new SVG-based phishing campaign** is using email-delivered files to bypass detection and impersonate **Fiscalía General de la Nación**, increasing the risk of credential theft...
Timeline
-
06.09.2025 21:58 2 articles · 8mo ago
VirusTotal uncovers SVG phishing campaign impersonating Colombia's judicial system
Initial DisclosureVirusTotal detected a phishing campaign hidden in SVG files that impersonated Colombia's judicial system, used JavaScript and HTML to render fake government document portals, and lured users into downloading a password-protected ZIP archive; one analyzed sample had zero antivirus detections, and VirusTotal later identified 523 previously uploaded SVG files tied to the same campaign.
Show sources
- VirusTotal finds hidden malware phishing campaign in SVG files — www.bleepingcomputer.com — 06.09.2025 21:58
- VirusTotal finds hidden malware phishing campaign in SVG files — www.bleepingcomputer.com — 06.09.2025 21:58