Slashdot Mirror

← Back to Stories (view on slashdot.org)

Intelligent System Hunts Out Malware Hidden In Shortened URLs

Posted by timothy on from the click-here-for-the-rest dept.

An anonymous reader writes: Computer scientists at a group of UK universities are developing a system to detect malicious code in shortened URLs on Twitter. The intelligent system will be stress-tested during the European Football Championships next summer, on the basis that attackers typically disguise links to malicious servers in a tweet about an exciting part of an event to take advantage of the hype.

16 comments

  1. but by rossdee · · Score: 3, Insightful

    it cant do anything about malware in long URLs

  2. Use this every time. by Anonymous Coward · · Score: 0

    http://longurl.org/

    tah dah

  3. Goat by penguinoid · · Score: 2

    Check out this super cute goat picture.

    --
    Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
    1. Re:Goat by Anonymous Coward · · Score: 0

      Check out this super cute goat picture.

      http://bit.ly/1ALmF5p

  4. Haiku by Anonymous Coward · · Score: 0

    On Slashdot Is a Story
    About my Anus
    In the Springtime

  5. Browsers... by Anonymous Coward · · Score: 1

    Shouldn't browsers be changed to not simply follow the redirect, but ask the user first?

    1. Re:Browsers... by Zontar+The+Mindless · · Score: 2

      For TinyURL, you can enable preview of the full URL here. Uses a cookie, though.

      --
      Il n'y a pas de Planet B.
    2. Re:Browsers... by Anonymous Coward · · Score: 0

      I can connect to the server and retrieve the redirect information manually. Works for all of them. But it's a) inconvenient, and b) not something everyone is able to do. Some addons seem to be available, but they don't do things nicely.
      1) Patch the page directly (not just retrieve the data on mouse over), making it less original
      2) Even retrieve the title of the redirection target (just that connection is enough to validate the existence of an email address)

      My requirements are:
      - shall not connect to the host of the shortened url (or any other -- no distinction between "normal" and shorted urls) unless clicked
      - shall not connect to the the redirect target unless confirmed by the user, or the target is on the same host

    3. Re:Browsers... by Zontar+The+Mindless · · Score: 1

      Whatever. I despise shorteners, don't use them myself, and generally refuse to follow shortened URLs. Just bored and trying to be helpful.

      --
      Il n'y a pas de Planet B.
  6. what? pls explain? by ltorvalds024 · · Score: 1

    do they mean shortened url pointing to malware affected websites?

  7. As a rule... I don't clink on shortened URLs by QuietLagoon · · Score: 3, Insightful
    You never know what evil lurks within.

    .
    What would be nice would be the ability to add an "expand" parameter at the end of the shortened URL and, instead of the redirect, have the shortened URL's hosting server show (only show) a clickable full URL.

    1. Re:As a rule... I don't clink on shortened URLs by Anonymous Coward · · Score: 0

      It shouldn't be hard to write as an userscript, the only issue is that it would have to run on each page.

    2. Re:As a rule... I don't clink on shortened URLs by Anonymous Coward · · Score: 0

      Browser plugin, similar to an adblocker with a list of known URL shortening hosts, can intercept the click and show you the final destination. No extra CPU cycles on the page until it tries to fetch the short URL. Could also implement this as a hover option.

    3. Re:As a rule... I don't clink on shortened URLs by antdude · · Score: 1

      I like TinyURL's preview.

      --
      Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
    4. Re:As a rule... I don't clink on shortened URLs by Anonymous Coward · · Score: 0

      Why does Twitter use a URL obfuscator at all? According to the twitsplainer it's all about control:

      Our link service measures information such as how many times a link has been clicked, which is an important quality signal in determining how relevant and interesting each Tweet is [for our ad clients]

      And ironically, they advertise URL obfuscation as a security feature:

      Having a link shortener protects users from malicious sites that engage in spreading malware, phishing attacks, and other harmful activity.

      Yeah, right, protect me by blinding me.
      If they must force all outgoing links through t.co for better data harvesting, they should at least show the real target URL as title.

  8. Ads by phorm · · Score: 1

    Yeah, I would say the first thing they should drop it on is ADS. Most of the malware and other shit I've seen lately seems to be on shitty ads lurking in legit pages (e.g. you're on the download page for X but the ad has a download link which looks like the real one, but which actually installs Y)