Researchers laud Twitter alerts on bad links

Share this article:

Twitter has begun alerting users when they attempt to post a link to a malicious site.

When a user tries to send a tweet with a bad URL, Twitter fires a message that says: “Oops! Your tweet contained a URL to a known malware site!”

Some researchers had been encouraging Twitter to block malicious links in light of a number of recent episodes on the popular microblogging platform in which malicious or compromised accounts were posting dangerous tweets.

 

“We've recommended Twitter to start filtering traffic to fight this,” Mikko Hypponen, chief research officer at F-Secure, said in a blog post Monday. “They can easily do it, as all the messages go through them.”

He added: “Twitter hasn't announced this, but we just noticed that they have now started filtering tweets that contain links to known malware sites.”

Other researchers concur that this is a valuable step, but may not be enough.

“While their filtering is a step in the right direction, they are not parsing already shortened URLs,” Beth Jones, security analyst at Sophos, told SCMagazineUS.com Monday. "All a malware author has to do is shorten a URL, put it up, and not worry about it. If a user clicks on the shortened URL, they will go straight to the malicious target.”

Since Twitter requires that users post messages within a 140-character limit, most people employ the shortened links.

Some URL shortening services do provide checks to determine whether URLs are disguising malicious links. For example, Bit.ly checks links against spam-filtering services such as SURBL and site-monitoring services such as Google Safe Browsing, Jones said.



Share this article:

Sign up to our newsletters

More in News

Medical transcription provider settles data security charges

GMR Transcription Services in California agreed to settle FTC charges related to its security practices.

Researcher hacks network connected devices in own home

Researcher hacks network connected devices in own home

In his own home, a researcher was able to hack various network connected devices that are not computers and mobile phones.

Study: Most higher ed malware infections attributed to 'Flashback'

Study: Most higher ed malware infections attributed to ...

Flashback caused a stir in 2012 when some 650,000 Macs were infected with the malware.