SVG images – the hidden threat your anti-virus can’t see
This new type of file-based attack poses a considerable challenge for detection-based security tools. CDR-based security solutions, however, retain the upper hand. Content Disarm and Reconstruction (CDR) file sanitization technology disarms all malicious embedded elements, including hidden scripts and heavily obfuscated archives: it recursively unpacks and scans the file, then mitigates threats without relying on detection by reconstructing the file. In tests run recently at Sasa Software’s cybersecurity research lab, all malicious scripts included in embedded SVG images and sent through GateScanner’s CDR engines were completely disabled, and the threats were neutralized.
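The reconstruction step can be shown on SVG itself. The following Python example is added here for illustration and is not GateScanner's code: it rebuilds an SVG from an allow-list of elements and attributes, so scripts and event handlers are never copied into the output. The allow-list, the function names and the sample input are assumptions of this example.

```python
import xml.etree.ElementTree as ET

SVG_NS = "http://www.w3.org/2000/svg"
# Assumed allow-list for this example: static drawing primitives only.
ALLOWED_TAGS = {"svg", "g", "path", "rect", "circle", "ellipse", "line",
                "polyline", "polygon", "text", "title", "desc"}
ALLOWED_ATTRS = {"id", "d", "x", "y", "x1", "y1", "x2", "y2", "cx", "cy", "r",
                 "rx", "ry", "width", "height", "viewBox", "points", "fill",
                 "stroke", "stroke-width", "transform", "opacity", "font-size"}

def _split(name):
    """Split ElementTree's '{namespace}local' form into (namespace, local)."""
    return tuple(name[1:].split("}", 1)) if name.startswith("{") else ("", name)

def _rebuild(src):
    """Copy src into a fresh element if allow-listed, else return None."""
    ns, tag = _split(src.tag)
    if ns != SVG_NS or tag not in ALLOWED_TAGS:
        return None  # drops <script>, <foreignObject>, <a>, <use>, <image>, ...
    dst = ET.Element(src.tag)
    dst.text, dst.tail = src.text, src.tail
    for name, value in src.attrib.items():
        attr_ns, attr = _split(name)
        # Drops on* handlers, href/xlink:href, style, and any url() reference.
        if attr_ns == "" and attr in ALLOWED_ATTRS and "url(" not in value.lower():
            dst.set(name, value)
    for child in src:
        rebuilt = _rebuild(child)
        if rebuilt is not None:
            dst.append(rebuilt)
    return dst

def sanitize_svg(data: str) -> str:
    """Return a rebuilt SVG that contains only allow-listed content."""
    if "<!DOCTYPE" in data.upper() or "<!ENTITY" in data.upper():
        raise ValueError("DTD and entity declarations are rejected")
    root = _rebuild(ET.fromstring(data))
    if root is None or _split(root.tag)[1] != "svg":
        raise ValueError("root element is not an SVG <svg> element")
    ET.register_namespace("", SVG_NS)  # serialize with a default xmlns
    return ET.tostring(root, encoding="unicode")

# Constructed sample input: inert placeholders stand in for embedded script.
SAMPLE = """<svg xmlns="http://www.w3.org/2000/svg" width="10" height="10" onload="init()">
  <script>/* placeholder */</script>
  <rect width="10" height="10" fill="red" onclick="run()"/>
  <foreignObject><body xmlns="http://www.w3.org/1999/xhtml">x</body></foreignObject>
</svg>"""
```

Because the output is built only from what the allow-list names, an element or attribute the sanitizer has never seen is dropped by default rather than passed through.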
Keywords: SVG image, Quakbot, Malware, Anti-malware, Content disarm and reconstruction, CDR, Smuggled HTML