QBot is a well-known Windows malware that is commonly distributed via phishing emails that load other payloads like CobaltStrike and various ransomware.
A recent QBot phishing campaign has implemented a new distribution method using SVG files to perform HTML smuggling to create a malware installer locally.
HTML smuggling is a technique used to hide and deliver encoded JavaScript payloads inside an HTML attachment or a website.
