Researchers from Avanan have seen the worldwide spread of a new threat known as ‘Blank Image,’ where hackers attach blank images to HTML messages. The user is instantly sent to a malicious URL once they open the attachment.
Blank Image attack
Based on the bogus emails, you need to sign a DocuSign document. It is cryptically called “Scanned Remittance Advice.htm”. An SVG picture encoded with Base64 is in the HTML file, these SVG vector pictures encoded in HTML attachments are used by scammers to get around the security features that are often turned on automatically in email inboxes.
SVGs, are based on XML and are vector images, that can contain HTML script elements, in contrast to raster images like JPG and PNG. An SVG image is displayed and the JavaScript embedded in it is executed when an HTML document uses a <embed> or <iframe> tag to display the image.
Although the message’s body seems fairly safe, opening the HTML attachment lets its malicious payload loose on your device. This file contains the attack’s script rather than the XML information that a typical SVG would include.
As per researchers, this is a creative approach to mask the message’s genuine intention. It avoids being scanned by conventional Click-Time Protection and VirusTotal, mos
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: