Experts have issued a stark warning that typing “Are Bengal cats legal in Australia” into Google could lead to severe repercussions for the user. Cybercriminals have exploited this bizarre and very specific search term, setting up bogus websites that can unleash harmful malware onto the user’s computer if accessed.
This malware is capable of pilfering personal data, financial information, and login details, as well as granting hackers remote control over the infected computer. The compromised device may also contribute to the spread of the malicious software.
This tactic, known as “search result poisoning,” was identified by specialists at cybersecurity firm Sophos. Sean Gallagher, a cybersecurity researcher at the British company, explained: “When you do a Google search and it says ‘there aren’t very many good answers for this’, that’s an opportunity [for hackers]. They can say, ‘OK, I’m going to build a website that appears to answer this question, and I’m going to use it for malicious purposes’.”
Mr Gallagher ironically remarked that Bengal cats are considered “very dangerous” meaning they have a poor reputation in Australia, where they are “not very well-regarded”.
The specific search term targeted is quite unique, often with only thousands of searches, but it exemplifies the broader strategy known as “SEO (search engine optimisation) poisoning”. Hackers focus on these terms due to the lower competition for achieving a top-rated search result, reports the Mirror.
Sophos, an Abingdon, Oxfordshire-based company, revealed that SEO poisoning has been prevalent since 2020, but “we’ve seen continued growth in this approach to initial compromise, with several massive campaigns using this technique over the past year”. Hackers have also attempted to manipulate searches for popular software such as Blender 3D, a graphics software programme, Photoshop, financial trading tools and programmes that provide remote access to computers.
To avoid falling victim to “poisoning”, it’s advised to verify the web address before clicking on a search result. Be wary of misspellings or unusual names and of sites that trigger unexpected downloads or ask for sensitive information.
It’s also crucial to keep your browser and operating system updated as the latest versions aim to block the most recent known vulnerabilities exploited by hackers.
