Malicious javascript embeded in SVG - what it does? Malicious javascript embeded in SVG - what it does? google-chrome google-chrome

Malicious javascript embeded in SVG - what it does?


javascript windows facebook google-chrome svg

You are correct that the SVG file has embedded javascript. SVG's are Vector graphic files which will draw a image in the browser based on the instructions inside the file. The SVG you found contains obfuscated javascript to hide what is actually going on.

At a glance from what I can see, it is a script to open a new browser window and load a new URL, so by itself, it is not dangerous, it all depends on what website it is redirecting you to, and what scripts are set to kick off when you reach the website.

So in short, it CAN harm your computer given the assumption that the site you're being redirected to is malicious.

I hope that helps.

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last