Adult sites are stashing exploit code inside racy .svg files

Porn sites are using malware hidden in .svg image files to generate likes on Facebook without users' knowledge. The .svg format allows for high-quality, scalable graphics using XML-based text, which can also include HTML and JavaScript, making it susceptible to various attacks like cross-site scripting and denial of service. Security firm Malwarebytes found that visitors to these sites unknowingly trigger the malware by clicking on the images, leading to unauthorized Facebook likes. This method highlights the risks associated with file formats that can embed executable code.