Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
  • AI
  • Tech
  • Cybersecurity
  • Finance
  • DeFi & Blockchain
  • Startups
  • Gaming
Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
Dataconomy
No Result
View All Result

Fake Facebook posts hide Trojan.JS.Likejack in SVG images

Malwarebytes has uncovered a scam hiding malicious JavaScript inside SVG images, using adult-themed social media posts to trick users into boosting fake Facebook pages.

byEmre Çıtak
August 11, 2025
in Cybersecurity, News
Home News Cybersecurity

Researchers at Malwarebytes have uncovered a campaign where cybercriminals embed malicious code in SVG (Scalable Vector Graphics) images. Unlike standard JPG or PNG pictures, SVG files are built using XML code, which can also carry HTML and JavaScript — the same languages used for interactive websites. This means an SVG can display a picture while secretly running harmful scripts in the background.

How the scam works:

  • Adult-themed blog posts, often featuring fake or AI-generated celebrity content, are promoted on social media platforms like Facebook.

    Stay Ahead of the Curve!

    Don't miss out on the latest insights, trends, and analysis in the world of data, technology, and startups. Subscribe to our newsletter and get exclusive content delivered straight to your inbox.

  • Clicking these links may prompt you to download an SVG file.

  • Opening or interacting with the file triggers hidden JavaScript, obfuscated to look harmless, that then downloads more malicious code.

The end goal is to install Trojan.JS.Likejack, a program that forces your browser to “Like” specific Facebook posts or pages if you’re already logged in. These fake likes artificially boost the scammers’ content in Facebook’s algorithm, helping them gain visibility without paying for ads.

Many of the pages in this network are built on WordPress or Blogspot, and they’re interconnected to generate hundreds of likes across multiple fake accounts. While Facebook actively removes these profiles, new ones appear just as quickly, making the cycle hard to break.

  • SVG files can be dangerous if opened from untrusted sources.
  • Attackers are using social media to make these scams appear legitimate.
  • This campaign exploits curiosity and adult content as bait, but the same tactic could be applied to other lures.

How to protect yourself:

  • Avoid downloading SVG or other files from unfamiliar websites.
  • Keep your antivirus and browser security features enabled.
  • Be wary of clicking links in social media posts that seem suspicious or sensational.
  • Log out of Facebook when not in use to reduce potential damage from Like-jacking attacks.

Using SVGs for malware delivery isn’t new, but this campaign’s blend of stealthy code, social engineering, and social media manipulation makes it especially dangerous.


Featured image credit

Tags: FacebookFeaturedsvg

Related Posts

Huawei unveils Atlas 950, 960 Ascend NPU superpods

Huawei unveils Atlas 950, 960 Ascend NPU superpods

September 23, 2025
Radware finds ChatGPT deep research ShadowLeak zero-click flaw

Radware finds ChatGPT deep research ShadowLeak zero-click flaw

September 23, 2025
FSR4 enabled on RX 6000 cards via leaked AMD files

FSR4 enabled on RX 6000 cards via leaked AMD files

September 23, 2025
Perplexity Comet browser uses AI on Chromium framework

Perplexity Comet browser uses AI on Chromium framework

September 23, 2025
Deepmind details AGI safety via frontier safety framework

Deepmind details AGI safety via frontier safety framework

September 23, 2025
OpenAI launches ChatGPT Go in Indonesia

OpenAI launches ChatGPT Go in Indonesia

September 23, 2025

LATEST NEWS

Huawei unveils Atlas 950, 960 Ascend NPU superpods

Radware finds ChatGPT deep research ShadowLeak zero-click flaw

FSR4 enabled on RX 6000 cards via leaked AMD files

Perplexity Comet browser uses AI on Chromium framework

Deepmind details AGI safety via frontier safety framework

OpenAI launches ChatGPT Go in Indonesia

Dataconomy

COPYRIGHT © DATACONOMY MEDIA GMBH, ALL RIGHTS RESERVED.

  • About
  • Imprint
  • Contact
  • Legal & Privacy

Follow Us

  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
No Result
View All Result
Subscribe

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.