URL shorteners


Spammers Finding Favor with Google Translate

Some spammers, looking to launder the dirty links they email you, are relying on the positive reputation of Google Translate to redirect victims to rogue websites. Researchers at Barracuda Labs who maintain the company’s spam honeypots have spotted a rash of illicit messages trying to beat reputation filters by using this tactic.


Security researchers are reporting on an ongoing scareware serving campaign abusing the popular micro-blogging service Twitter.

Hundreds of tweets using four different URL shortening services are currently spammed through the automatically registered Twitter accounts, relying on a pseudo-random text generation using Twitter’s trending topics.  Read the full story [zdnet.com]

From PC Mag (Larry Seltzer)

Just when we were getting the point across that you need to be careful about what links you click on, along comes the new phenomenon of shortened links through redirection services, making it that much harder to be careful. There are products and services that can help though.
The success of these services has been driven mostly by Twitter, whose 140 character limit on posts makes it important for links to be as short as possible. The fact remains that when you click on a shortened link you don’t know where you will end up. Read the full story [pcmag.com]

By Byron Acohido, The Last Watchdog
No one in the tech security world is surprised that criminal exploitation of Twitter has commenced in earnest, as I’ve written in this story on page 1B of Monday’s edition of USA TODAY. Coding and social engineering techniques that spammers and malware purveyors have been refining and perfecting in the email realm over the past several years couldn’t mesh more smoothly into the world of social network messaging. And Twitter — the über popular Web 2.0 service that media companies can’t seem to hype enough — has presented cyber fraudsters with the attack vector of their dreams.

From Computerworld (Gregg Keizer)
A URL-shortening service that condenses long Web addresses for use on micro-blogging sites like Twitter was hacked over the weekend, sending millions of users to an unintended destination, a security researcher said today. Read the full story [cio.com]  Also see commentary from Roel Schouwenberg [viruslist.com]

From ZDNet (Dancho Danchev)
A currently ongoing malware attack across Twitter is abusing the momentum offered by Twitter’s trending topics in order to trick users into visiting bogus exclusive video sites and infect them with malware.
The campaign, spreading since last week, is relying on a growing number of automatically registered bogus Twitter accounts, which combine trending topics and hashtags with custom messages and pre-defined Tinyurl links, all leading to identical fake codec which is droping three different malware samples. Read the full story [zdnet.com]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.