Although the risk may be low, you’re only in potential danger if you live in Australia and have a curiosity about exotic cats.
According to SOPHOS, hackers are specifically targeting anyone who searches the phrase, “Are Bengal Cats legal in Australia?” Searching for these keywords may lead cat lovers into a trap, where clicking links exposes them to harmful malware. Once infected, attackers can access sensitive data, take control of the system, or demand ransom for stolen information.
In a blog post about the attack, SOPHOS engineers revealed that unsuspecting users are lured by ads or links disguised as legitimate search results, often leading them to adware or phishing links. However, their original goal wasn’t protecting Australian cat enthusiasts specifically; instead, they aimed to track a dangerous piece of malware called Gootloader.
Gootloader is a type of malicious software used by cybercriminals, once favored by the Russian ransomware group REvil, which has circulated for over a decade. This malware allows hackers to install tools capable of extracting private data like bank information or encrypting a user’s data.
Cybercriminals use a technique known as SEO poisoning, which manipulates search engine rankings so that their malicious links appear near the top of search results. When users click on seemingly legitimate links, they unknowingly download Gootloader onto their device.Typically, attackers target widely searched terms to reach more users or high-value targets with access to networks in industries like banking or healthcare. However, in this case, the only people at risk are those searching for the exact phrase, “Are Bengal Cats legal in Australia?”SOPHOS researchers found that in May, an unidentified cybercriminal had hijacked this search by linking it to a common online cat forum. Users clicking on a link in a forum thread labeled “Are Bengal Cats legal in Australia?” encountered a post by an impersonated administrator with a download link supposedly offering more information on Bengal cat regulations. Instead, this link initiated a download of a well-camouflaged JavaScript file that contained the virus. The malware was so sophisticated it even included fake licensing information to look legitimate. Once installed, hackers could operate the Gootloader remotely, gaining full control over the infected device.
The reason for this unusual method remains unclear. The hackers might have had a specific target in mind within the Bengal cat community, but this approach would be more cumbersome than a direct email scam. Another theory is that the hackers were testing the effectiveness of their SEO poisoning on a low-traffic phrase to avoid detection.
How To Stay Safe From Malware Attacks?
The best way to stay safe from this malware is to avoid searching for “Are Bengal Cats legal in Australia?” entirely. If you must search for information on Bengal cats, exercise caution when clicking on links, especially those leading to unfamiliar sites.
As SOPHOS engineers advise, users should avoid links that seem too good to be true or lead to suspicious domains, regardless of the topic. If you find yourself on a questionable site, don’t click on further links or download any files. Generally, only download files from trusted websites, and avoid unknown sources.
If you suspect your device has been compromised, check your accounts for any unusual activity and update your passwords immediately.