Watch out for SVG files booby-trapped with malware

Nov. 10, 2025, 11:57 a.m.

Description

A recent malware campaign in Latin America demonstrates cybercriminals' evolving tactics. The attacks use social engineering, sending emails that appear to be from trusted institutions with urgent warnings about legal issues. The campaign's goal is to install AsyncRAT, a remote access trojan that allows attackers to control compromised devices. What sets this campaign apart is the use of oversized SVG files containing the full malicious payload, eliminating the need for external connections. The SVG files, when clicked, display a fake portal impersonating Colombia's judicial system. The campaign uses DLL sideloading to evade detection and appears to utilize AI-generated templates for customization. Colombia was the primary target, with attacks spiking mid-week throughout August.
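A triage heuristic for the oversized, self-contained SVG attachments described above, added here as an example and not taken from the original report. The thresholds, the list of active-content markers and the sample files are assumptions chosen for illustration.

```python
import re

# Assumed triage thresholds; tune them against your own mail flow.
SIZE_THRESHOLD = 200 * 1024   # ordinary icons and logos are far smaller
BLOB_THRESHOLD = 50 * 1024    # longest base64-like run tolerated

# Markup that lets an SVG run script or render HTML when opened in a browser.
ACTIVE = re.compile(rb"<\s*(script|foreignObject|iframe|embed|object)\b|\son\w+\s*=", re.I)
# Long unbroken base64-alphabet runs, typical of an embedded payload.
BLOB = re.compile(rb"[A-Za-z0-9+/=]{1024,}")
# References that would fetch content from a remote host.
REMOTE = re.compile(rb"""(?:href|src)\s*=\s*["']\s*(?:https?:)?//""", re.I)

def triage_svg(data: bytes) -> dict:
    """Score one SVG attachment given its raw bytes."""
    longest = max((len(m.group()) for m in BLOB.finditer(data)), default=0)
    findings = {
        "oversized": len(data) > SIZE_THRESHOLD,
        "active_content": bool(ACTIVE.search(data)),
        "embedded_blob": longest > BLOB_THRESHOLD,
        # No remote references means everything it needs travels in the file.
        "self_contained": not REMOTE.search(data),
    }
    # Active content plus bulk is the combination worth holding for review;
    # a large but inert drawing is not flagged.
    findings["quarantine"] = findings["active_content"] and (
        findings["oversized"] or findings["embedded_blob"])
    return findings

# Constructed samples: a small logo and an SVG padded with harmless filler.
BENIGN = (b'<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 10 10">'
          b'<circle cx="5" cy="5" r="4"/></svg>')
SUSPECT = (b'<svg xmlns="http://www.w3.org/2000/svg"><script>var blob="'
           + b"A" * 300_000 + b'";</script></svg>')

if __name__ == "__main__":
    for name, sample in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(name, triage_svg(sample))
```
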

Date

  • Created: Nov. 9, 2025, 4:31 a.m.
  • Published: Nov. 9, 2025, 4:31 a.m.
  • Modified: Nov. 10, 2025, 11:57 a.m.

Attack Patterns

  • AsyncRAT

Additional Information

  • Colombia