ADVERTISEMENT
Searching this phrase on your computer can make you a target for hackers: ReportSophos, a cybersecurity company, has warned that this program can also lock users out of their computers.
DH Web Desk
Last Updated IST
<div class="paragraphs"><p>Representative image of a hacker.</p></div>

Representative image of a hacker.

Credit: iStock Photo

Computer users who search a particular phrase on Google are finding themselves victimised by a cyber attack.

ADVERTISEMENT

Cybersecurity company Sophos flagged the issue on their site on November 6, urging people not to search "Are Bengal cats legal in Australia". As per the company, people looking up this information have had their personal details stolen once they clicked on fraudulent links that appeared on the top of the search page.

"Victims are often enticed into clicking on malicious adware or links disguised as legitimate marketing, or in this case a legitimate Google search," as per Sophos.

Reportedly, the dangerous links pop up only when the word 'Australia' is added to the search phrase, which puts people in the land down under at greatest risk, as per the company.

The company explained that once users click on a search result which looks legitimate, they find their personal information -- like bank details -- stolen using a program called Gootloader.

GootLoader is known for using search engine optimization (SEO) poisoning for its initial access, Sophos explained, adding that if the malware remains undetected on the system, it paves the way for GootKit -- which is a highly evasive information stealer, and a remote access Trojan is also used to establish a firm foothold in the users' network environment. GootKit can then be further used to deploy ransomware, as per the cybersecurity company.

Sophos has warned that this program can also lock users out of their computers.

As per Sophos, the hacking threat is alarming as the user does not have to be looking for anything particularly nefarious to become a target, although the search for Bengal cats and their availability in Australia is bound to be a niche one.

The company has flagged cybercriminals infiltrating Google searches using 'SEO poisoning' as a tactic.

Crowdstrike, the company behind the recent Microsoft outage, describes SEO poisoning as a technique that threat actors use to improve the prominence of otherwise malicious websites, which makes them look authentic to users.

ADVERTISEMENT
(Published 11 November 2024, 14:44 IST)