Uncovering a Colombian Malware Campaign with AI Code Analysis
ID: e9432b3e-764b-533b-bc2b-c610713d5fc8
STIX ID: report--e9432b3e-764b-533b-bc2b-c610713d5fc8
Feed Name: VirusTotal Blog
VirusTotal’s Code Insight analysis highlights that both modern and legacy vector formats (SVG and SWF) are still abused by attackers: an undetected SVG family was found to contain embedded JavaScript that renders a phishing portal impersonating the Colombian Fiscalía and silently forces the download of a malicious ZIP dropper. By pivoting on a recurring pattern (Spanish comments) and retrohunting, analysts linked dozens of undetected samples into a single campaign that shows polymorphism, obfuscation and email delivery, with at least 523 historical matches for a simple YARA signature.
