“Are Bengal Cats legal in Australia?”—These six seemingly harmless words could land you in trouble if you search them on Google. According to a recent report by cybersecurity company Sophos, this simple Google search is directing users to a compromised website hosting a malicious payload.
If the user clicks on malicious links or adware as part of the cyberattack, the victim's network may eventually get compromised, which could lead to ransomware deployment or hacking of personal data, including financial information and login credentials.
GootLoader And SEO Poisoning
Through a cyberattack technique known as GootLoader that uses search engine optimisation poisoning, hackers are luring unsuspecting users to type these six words on Google and clicking malicious links.
Sophos' investigation revealed that the threat actor was using SEO poisoning through an easily accessed online forum found via a simple Google search, initiated by the user for “Do you need a license to own a Bengal cat in Australia” or other related phrases.
If unsuspecting users click on malicious links, a suspicious .zip file containing malicious payloads may get downloaded to their systems. If malware remains undetected on the victim's machine, a highly elusive information stealer may also get installed in the user's network. This can further be used to deploy ransomware or other tools on the machine that could compromise personal data, including login credentials, bank details and other information.
Sophos' analysis identified multiple domain names that were classified as malware. The cybersecurity company also provided a list of indicators of compromise.
Recommendations
According to Sophos, users should avoid searching the phrase “Are Bengal Cats legal in Australia?” or other similar phrases on Google.
Anyone who might have fallen victim to SEO poisoning should reset their password right away and run an anti-virus scan on affected devices. They should further improve their security measures by enabling two-factor authentication to prevent unauthorised access to accounts even if device or credentials are hacked.
Essential Business Intelligence, Continuous LIVE TV, Sharp Market Insights, Practical Personal Finance Advice and Latest Stories — On NDTV Profit.
