[GamingAtWork]

it seems like the SVG file/image contained an embedded link? And they clicked the link and got pulled into one of those scam websites asking you to install shit software viruses. It was not that the svg file just went crazy and hacked their entire machine...

[Stasshe]

Not exactly — it’s a bit more than just a link scam. The SVG actually started a multi-stage infection chain, downloading a password-protected archive with a malicious CHM/HTA that deployed Amatera Stealer and PureMiner. So it’s a real system compromise, not just a fake site trick.