Hackers Are Targeting People Who Google These 6 Keywords

Hackers have found a way to target users who Google certain terms on their computers. However, the newest cyberattack has a bizarre twist.

According to cybersecurity company Sophos, users Googling whether Bengal cats are legal to own have found themselves on the receiving end of some unwanted malware issues. The company issued an urgent warning on its website telling users to not type the following six keywords into their computer: “Are Bengal Cats legal in Australia?”

An investigation found that after typing in this search term and clicking on fraudulent links near the top of the Google page, users had their personal information stolen. The users believe they are continuing to search for this information, but instead, they’re being hacked.

“GootLoader is known for using search engine optimization (SEO) poisoning for its initial access,” Sophos explained. “Victims are often enticed into clicking on malicious adware or links disguised as legitimate marketing, or in this case a legitimate Google search directing the user to a compromised website hosting a malicious payload masquerading as the desired file. If the malware remains undetected on the victim’s machine, it makes way for a second-stage payload known as GootKit, which is a highly evasive info stealer and remote access Trojan (RAT) used to establish a persistent foothold in the victim’s network environment.  GootKit can be used to deploy ransomware or other tools, including Cobalt Strike, for follow-on exploitation.”

The investigation revealed that the threat uses SEO poisoning through the Google search. Currently, the links appear in the search results when the word “Australia” is included. Once users click on a search result, they can expect to have their information, such as bank details, stolen through GootLoader — a program that can steal their information and even lock them out of their computers, according to Sophos.

What Are Other Ways Hackers Can Steal Personal Information?

Be cautious when searching niche topics. 🚨🙀

Cybercriminals are targeting Google searches for seemingly innocent terms like 'Bengal cats.' By using SEO poisoning, they can lead users to fake sites that steal data and infect devices!#CybersecurityNews pic.twitter.com/VmBildE4KL

— wizlynx group (@wizlynxgroup) November 11, 2024

The Minnesota Attorney General’s Office reports that there are multiple ways hackers can steal someone’s personal information. They utilize different methods of installation into a victim’s computer, typically as a gateway to their banking information and other secure details.

“There are two main ways hackers may try to get your personal information. One way is to try to obtain information directly from an Internet-connected device by installing spyware, which sends information from your device to others without your knowledge or consent. Hackers may install spyware by tricking you into opening spam email, or into ‘clicking’ on attachments, images, and links in email messages, instant messages, and pop-up messages,” the office shared.

It continued, “Hackers use spyware to track keystrokes or acquire pictures of your device’s screen in the hope of snagging account numbers, passwords, and other sensitive information. Criminals can also hack individual websites — like email, social media, or financial institutions — and steal the information stored there.”

The best way to stop computer hacking is to make sure any installed security software is up to date, and if none is protecting your computer, install it immediately. Also, another tip is to disable connections such as WiFi and Bluetooth when they’re not being used.