domingo, julho 03, 2011

What do twitter and bit.ly have to do with spammers and botnets ?

Who doesn't know twitter? A microblogging platform allowing people to send and receive updates within the limitation of 140 characters (tweets). It was created in 2006 and since its beginning, services for URL shortening became even more popular, due the limitation of 140 characters. By using a service like that, a long URL may be shortened to less characters than the original one. For example, the address http://joeshall.blogspot.com/2011/06/dirty-jobs-ii.html can be written as http://bit.ly/m9K6m0 , that's 63% size reduction, which is very welcome in a service like twitter.

URL shortener service providers, of course, are not providing the service for nothing. They are able to track clicks for each URL, showing information as traffic, source conversations for the addresses, history, they are able to sell customized shortened addresses, etc.

We may think URL shortener is a service like any other, but there are some drawbacks we need to analyze before posting a shortened link. Spammers are making use of techniques to hide the real addresses of links sent by e-mail, redirecting users to some servers pretending to be an Internet Banking website, just to give one real example. URL shortener is another useful way to hide the real address and cheat the users to steal passwords, infect their computers with worms, etc.

This is the main reason services like bit.ly, for example, are listed as a real threat to end-users and beginning to be included in some domain blacklists for e-mails. Just thinking a little bit for now, why use a shortened URL in an e-mail message? They might be useful if used on twitter, but that's enough, right?

Updated (12/21/2011): Some interesting thoughts in the same way. Malware behind QR Code using a similar technique. http://www.net-security.org/malware_news.php?id=1938