Don’t search for information on cats at work — you could be at risk of being hacked
- Researchers have spotted a very specific SEO poisoning campaign
- The campaign is dropping a decade-old malware framework
- The end result is either a Cobalt Strike beacon, or ransomware
If you’re an Australian interested in Bengal cats, be very careful when researching the topic online, because you might get hacked.
That’s what cybersecurity researchers from Sophos said in a new report concerning a new SEO poisoning campaign that targets people searching for Bengal cats in Australia.
SEO poisoning is a malicious technique in which cybercriminals manipulate search engine results to push websites under their control to the top of search engine page results. When users open these websites, they are offered malware downloads, or phished for sensitive data.
Limited operation
In this campaign, the crooks were deploying Gootloader, a malware delivery framework used primarily to distribute various types of malware, such as ransomware and information-stealing trojans (like the Gootkit banking trojan). Sophos said they observed Cobalt Strike beacons being dropped, as well as different ransomware strains.
Gootloader has been around for a decade, and so has SEO poisoning. There is nothing out of the ordinary in the method of compromise, or the tools being deployed by the hackers. What stands out is the topic the crooks chose for their distribution – Bengal cats in Australia.
Usually, the crooks would either try to compromise as many computers as possible, or they would go for a specific high-value target, such as a financial institution, or a hospital. SEO poisoning is usually used in the former, to attack a larger cohort such as software developers, cryptocurrency users, or something similar.
In this scenario, the only people who would possibly get infected would be the ones searching “Are Bengal Cats illegal in Australia?”.
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
One potential reason could be that the crooks were trying to test their SEO poisoning strategies out without drawing too much attention to themselves, therefore choosing the most niche thing they could possibly find.
Via The Register
You might also like
Researchers have spotted a very specific SEO poisoning campaign The campaign is dropping a decade-old malware framework The end result is either a Cobalt Strike beacon, or ransomware If you’re an Australian interested in Bengal cats, be very careful when researching the topic online, because you might get hacked. That’s…
Recent Posts
- Humane wants to put the AI Pin’s software inside your phone, car, and smart speaker
- Jeff Bezos says he’s ‘very optimistic this time around’ about Trump
- OpenAI is partnering with defense tech company Anduril
- AWS has a new tool that wants to stop AI hallucinations for good
- Why your favorite fictional AI friends are vanishing from Character.AI
Archives
- December 2024
- November 2024
- October 2024
- September 2024
- August 2024
- July 2024
- June 2024
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- September 2018
- October 2017
- December 2011