Researchers laud Twitter alerts on bad links

Twitter has begun alerting users when they attempt to post a link to a malicious site.

When a user tries to send a tweet with a bad URL, Twitter fires a message that says: “Oops! Your tweet contained a URL to a known malware site!”

Some researchers had been encouraging Twitter to block malicious links in light of a number of recent episodes on the popular microblogging platform in which malicious or compromised accounts were posting dangerous tweets.

“We've recommended Twitter to start filtering traffic to fight this,” Mikko Hypponen, chief research officer at F-Secure, said in a blog post Monday. “They can easily do it, as all the messages go through them.”

He added: “Twitter hasn't announced this, but we just noticed that they have now started filtering tweets that contain links to known malware sites.”

Other researchers concur that this is a valuable step, but may not be enough.

“While their filtering is a step in the right direction, they are not parsing already shortened URLs,” Beth Jones, security analyst at Sophos, told SCMagazineUS.com Monday. "All a malware author has to do is shorten a URL, put it up, and not worry about it. If a user clicks on the shortened URL, they will go straight to the malicious target.”

Since Twitter requires that users post messages within a 140-character limit, most people employ the shortened links.

Some URL shortening services do provide checks to determine whether URLs are disguising malicious links. For example, Bit.ly checks links against spam-filtering services such as SURBL and site-monitoring services such as Google Safe Browsing, Jones said.