Comments for Twitter Starts Filtering Malicious URLs

Twitter Starts Filtering Malicious URLs

2009-08-03T13:22:50Z

One of the most popular activities on the microblogging service Twitter is sharing links. However, this activity is also one of the most dangerous, too. Ever since Twitter gained in popularity, hackers and spammers have been using the service to direct traffic to their unsavory websites. For the end user, clicking on those bad links could result in, at best, an annoyance as they're directed to some spammy website or, at worst, a full-on malware attack on their PC.

Today, it appears that Twitter is starting to do something about the problem. According to security firm f-secure, Twitter is now blocking malicious URLs from being posted to their service.

]]> With the new malicious URL protection built into Twitter, you're no longer able to posts links to known malicious websites. If you try to do so, you'll receive a message reading: "Oops! Your tweet contained a URL to a known malware site!"

Since the company has not made any official announcement about the new protection, it's unknown at this time if Twitter is using a particular service to provide the lookup capabilities for the malicious URL identification or if they are managing this process in-house. If we had to bet, though, we would go with the former. Maintaining a current "block list" for malicious websites would be a major undertaking for the startup. It's more likely they've partnered with a security company of some sort to provide this service or are using a publicly available API, such as Google's Safe Browsing API, which checks URLs against Google's blacklist.

The need for this type of protection on Twitter is more than apparent. As of late, the service has been overrun by those wanting to use it for their own nefarious purposes. Besides just getting their links posted to Twitter itself, hackers have managed to get their malware links into Twitter's trending topics, too. There have also been instances where the Twitter accounts of high-profile users, like Guy Kawasaki for instance, have been hacked and have then been used to push malware links out to their unsuspecting followers.

Good, But Not Good Enough

Unfortunately, there's a major issue with how Twitter is blocking malicious URLs. They're not parsing shortened links. Because of Twitter's 140-character limit, URL-shortening services have become the de facto standard for link sharing on Twitter. This functionality is built into numerous third-party client applications as well as into the Twitter web interface itself. Shortening a malicious link would be by far the easiest way to post a dangerous malware-laden link to Twitter - and likely the method hackers would use anyway. If Twitter does not parse all the shortened links users attempt to post, then they don't really have a good shot at keeping malware links off their service.

Luckily for Twitter end users, the default URL-shortening service, Bit.ly, began warning users of malware last month. Although it still permits users to shorten and post links to malicious sites using Twitter, anyone clicking on the link will receive a message: "Warning - this site has been flagged and may contain unsolicited content. The content of this web page appears to contain spam, or links to unsolicited or undesired sites."

Well, at least that's something.

While we're glad to see Twitter taking steps to make their service a more secure place for sharing links, we hope they'll soon start parsing URLs, too. Otherwise, this new protection won't be that much help in the end.

Comment from web design agency london on 2010-07-23

2010-07-23T13:36:15Z

I wonder how quick a work around will be found. Its good that Twitter are attacking this but I am sure it will be hacked or bypassed fairly quickly.

Comment from Rich on 2010-02-24

2010-02-24T14:57:52Z

Eh..I like the idea of more security on Twitter, but not this way. What if I wanted to send someone a URL that needed to be examined or for professional purposes as far as malware identification and resolvement, and Twitter just 86es it from my Tweet? Or if I want to say DO NOT GO TO www.whatever.com. This stops me from doing that..So, it works, but is very far from ideal.

Comment from start freelancing on 2010-02-01

2010-02-01T11:52:32Z

late but better than never... twitter should have done this long back....

Comment from web development company on 2009-12-03

2009-12-04T06:50:58Z

Excellent! I had faced the burnt of it. But people who access twitter via url shorteners will face problem. Still this is a welcome change and long overdue!

Comment from web design on 2009-12-03

2009-12-04T06:49:09Z

Nice move by twitter. Good to know that! Should have been done earlier to protect legitimate users. Its a welcome move. Nice post!

Comment from Sarah Perez on 2009-09-02

2009-09-02T16:13:16Z

that was an accidental click thru - that's an old old post!

Comment from Kenley Neufeld on 2009-09-02

2009-09-02T16:11:34Z

Yes. I noticed. Happened today.

Comment from Residual on 2009-08-10

2009-08-10T15:48:21Z

It is a bit overdue. Great thing Twitter finally get around to protect its user from this malicious stuff.

Too bad there are people out there causing trouble. Their talents could have been channeled to constructive use.

Comment from Mr.Choice on 2009-08-08

2009-08-09T05:30:08Z

It is certainly a positive thing that Twitter is dealing with URLs which support malicious activities. I didn't know they had started checking bad URLs.

Comment from kris on 2009-08-06

2009-08-06T09:47:06Z

Thanks god. Twitter is a great place to meet new people, it shouldn't be misused.

Comment from jonny smith on 2009-08-06

2009-08-06T09:08:58Z

The twitter colaboration with google and F -secure can be only beneficial for users but precention come with having more eyes open .
1.First you to look and analyse if the link could be for bad purposes and don t click so easy
2.Have an antivirus to help you if you make mistakes it s not perfect but no program is perfect Bitdefender 2009 has good rathings in reviews i recommend it .

Comment from Busted Keys on 2009-08-04

2009-08-04T18:46:10Z

thank god for this filter. i've received a few malicious urls and i'm glad i had my pop-up blocker on!

Comment from Email Marketing on 2009-08-04

2009-08-04T16:31:59Z

Twitter is like a breath of fresh air on the Social Media scene. I have been on it for just a few weeks now and I have met several interesting people. It is a platform to network with people you would like to meet in real life.

KZ
Email Marketing Software

Comment from Ian Hendry on 2009-08-04

2009-08-04T14:13:49Z

Given that 80% of Twitter's biggest users access the site through third party apps which use URL shorteners, this won't work unless either/both the apps/shorteners do the same thing; and/or there are checks through the API.

So this is a smart move but for the majority of us of little direct value.

Ian Hendry
CEO, WeCanDo.BIZ
http://www.wecando.biz

Comment from URLoo on 2009-08-04

2009-08-04T12:17:57Z

One step ahead. Congratulations! The next step will be checking shortened URLs for malicious links.

step 3 is adult sites or sites with adult content without malicious software check up. Unfortunately, Twitter will not be able to handle it even checking the shortened links. So spammers will continue messing in Twitter.

Comment from Team Nirvana on 2009-08-04

2009-08-04T08:17:46Z

Had been waiting for this kind of support from Twitter as most of the links masked as very interesting usually turn out to be affiliate sales links.

Comment from Thomas on 2009-08-03

2009-08-03T18:39:29Z

If this worked correctly it would be a good thing. The problem is that some links are being wrongly flagged.

I ran into this the other day. I had just uploaded a page to my website then posted the link on twitter. Seeing the shortened url I clicked it to make sure it still pointed to my page. To my surprise the link was flagged.

I contacted bit.ly and was told the page showed up as a User Reported spam site. That seems impossible since the page and link post had just been made. There was no time for someone to see the page much less suspect it of any maliciousness. I checked with Stopbadware.org and several other places. Not a single page of my website has been reported for spam, phishing, or any other unscrupulous action. I was told by bit.ly that they unblocked the page but it was again flagged.

Is my family friendly Christian site being naughty behind my back. Hmmm :) Now the question is how to resolve this. Since no blacklist shows it as being reported I can't request a review. It looks like my reputation is in jeopardy because of a glitch.

Comment from kelly on 2009-08-03

2009-08-03T16:51:30Z

That's good news! Thanks for sharing Sarah!

Comment from Marcus on 2009-08-03

2009-08-03T16:44:13Z

Some of my own sites unfortunately have been infected with malicious PHP code and as a result been declared malicious URLs by Twitter and Google as well last week. To avoid any more blocking I'm moving them to a new server right now. No fun at all, but it seems to be fastest way to get rid of a Twitter/Google penalty in the moment....

Comment from Aditya on 2009-08-03

2009-08-03T14:33:35Z

What if the spammer uses "nested" shortening. I just shrank a tinyurl in bit.ly. It will make this exercise really tough, how deep can one go to ensure a URL is benign?

One way would be disable other shortened urls in a shortening service. Though I don't know whether it will have other implications/problems.

Comment from Dennis Jernberg on 2009-08-03

2009-08-03T14:20:32Z

It's about time Twitter did this. Now it's up to the URL shorteners like bit.ly; they need to block malware sites too.

Comment from NMN on 2009-08-03

2009-08-03T14:15:02Z

Well it's a step in the right direction for twitter. Nice post. http://AppUseful.com