Don't look for this cute cat on Google or your computer will be hacked
According to security firm SOPHOS, a cyberattack campaign recently began targeting users interested in a seemingly harmless question: "Are Bengal cats legal in Australia?" ('are bengal cats legal in Australia?', en el original).. Yes, you read that right.
It is precisely this search that, when introduced into Google, has led to many users falling into the hands of cyber fraudsters who have resorted to a technique known as "SEO Poisoning" to manipulate search results and lure unsuspecting people to malicious sites.... Their personal information may be stolen or they may be encouraged to download a variant of malware known as Gootloader (used as an intermediary for other types of malwares, such as ransomware, remote access tools, or banking Trojans).
- Why Bengali cats?
The strange thing about this attack is that it targets specific research: "Are Bengal cats legal in Australia?": This type of exotic cat has gained popularity in recent years for its appearance similar to that of a little cheetah. That's why some users seem to believe that strict rules for foreign animal possession can be applied to them, and that's why they seek to clarify their suspicions online.
Note: Bengali cats, such as Persians or Siamese, are a calmer breed than domestic cats.
- What is SEO poisoning and how does it affect users?
SEO poisoning or "SEO poisoning" is a manipulation technique by which cybercriminals optimize their websites so that they appear among the first results in search engines for certain searches... Seeking to take advantage of the trust that users usually place in results that top Google lists, making them more likely to click on dangerous links.
In the case of the term related to the legality of Bengal cats, the hackers were able to obtain certain fraudulent links (but designed to appear trustworthy) to be placed between the first results. Upon entering, users were redirected to seemingly legitimate sites, where they were invited to download a ZIP file that, instead of information about the legality of Bengal cats, contains a JavaScript file that runs Gootloader on their computers.
Gootloader is able to evade detection systems by hiding inside legitimate files and hiding their code, making them difficult to identify.
SEO strategy has proven effective and difficult to detect and will continue to evolve in the coming years. In this case, the campaign focused on a very specific topic and targeted a specific group of people, cat lovers in Australia, which is unusual. Some analysts speculate that this campaign could only aim to test the effectiveness of malicious SEO techniques without attracting much attention.