Adult Sites Manipulating SVG Files for Malicious Facebook Likes
In an alarming development, numerous adult websites are utilizing a sneaky method to gain Facebook likes by harnessing hidden exploit codes within .svg image files. This maneuver draws from a longstanding tradition of embedding malware to generate unauthorized endorsements across social media platforms.
The .svg, or Scalable Vector Graphics format, is distinct in its use of XML-based text for rendering images. This feature allows for resizing without compromise in image quality. However, it also opens a door to potential misuse. The text can include HTML and JavaScript, which can be manipulated for various attacks such as cross-site scripting and HTML injection.
The firm Malwarebytes has identified a disturbing trend where certain adult sites deploy these booby-trapped .svg files towards selected viewers. Upon interaction, these files covertly log a 'like' to the site's promotional Facebook posts, exploiting the victim's browser functionalities behind the scenes. This sophisticated strategy involves layers of encrypted JavaScript encoded using a method known as "JSFuck."
Once decoded, these scripts unleash a known harmful script named Trojan.JS.Likejack, which secretly causes a browser to endorse specific Facebook content, provided that the user is logged in to their account at the time.
Historically, the potential for .svg files to be exploited has been recognized. Miscreants have used similar strategies for phishing attempts, employing the .svg format to mimic legitimate login pages with pre-filled information to deceive users. Observation by Malwarebytes uncovered a slew of porn sites, primarily reliant on the WordPress platform, engaging in likes manipulation using these compromised .svg files.
Repeated efforts by Facebook to enforce actions against accounts indulging in such deceptive practices have been undermined by perpetrators who persistently return under new guises. This ongoing challenge highlights the importance of vigilance and continuous improvement of security measures against evolving threats.
