Security Bytes

Sep 25 2009   1:52PM GMT

Video shows Twitter attacks using shortened URLs

Robert Westervelt Robert Westervelt Profile: Robert Westervelt

Symantec video highlights shortened URL problems on Twitter.

Back in June, I wrote about URL shortening services and how they could contribute to sending the Internet out of control. In short, Cligs, the fourth used URL shortening service, suffered an attack at the time that edited most URLs on Cligs to point to a new location. According to Cligs, 2.2 million URLs were affected. The error was nearly unavoidable by users. Even links from trusted sources were redirected to a new location.

Symantec posted a blog entry and a video Thursday showing how shortened URLs are spreading rogue antivirus and ultimately malware onto victim’s machines. “Clicking any link like this is entirely a security leap of faith, said Symantec’s Ben Nahorney.

The simple answer is to not click on shortened URLs or users should instead download the browser add-ons for FireFox and Internet Explorer that preview the URL. Those behind Twitter have not yet stepped up to address the issue. It could be addressed by developing a tool within Twitter that masks a long URL and doesn’t count toward the 140 character limit. Perhaps the URL should be treated as an attachment within a Tweet. Once the attachment is opened revealing the link, a user can examine the link for authenticity.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: