TinyURL, one of the most popular URL-shortening services (although not our favorite), is now being used by cybercriminals to redirect web surfers to pages that contain viruses, trojans, and other sorts of malware. According to Finjan’s Malicious Code Research Center, these criminals are using the service to avoid having their web sites flagged by the Safe Browsing mechanisms built into modern web browsers like Mozilla Firefox and Google Chrome.
Of course, even if the sites were otherwise safe from infectious files, the URL shortening services can still be used to obscure phishing attempts – people don’t pay much attention to URLs they click on as it is, let alone what winds up in the address bar. Further, I look at the safe browsing services as a crutch for prudent internet use – much as anti-virus software is only as good as the definitions within, the same goes for ‘safe browsing’. A few warning messages later, people think every site without one is safe. But they don’t call them ‘drive-bys’ for nothing.
I don’t click on shortened URLs from anyone I haven’t shaken hands with, or who doesn’t have a lot to lose in terms of the interwebs popularity contest if they slip up. And that goes for links in emails, websites, and on services like Twitter.
One of the many pitfalls of big, popular search indexes.
Yes, if you really want to parse your social network ever further online, you can engage Gmail for help.
Just keep an eye out for malware while you’re doing it.
StopBadware, the coalition of big names aiming to protect people from drive-by infections, is on the move. Google is now integrating warnings into its search results. Nice.
Google, a “crossing guard” for malware avoiders. No telling what other members of StopBadware are doing, but I’ll guess Websense doesn’t care – they are now someone’s likely acquisition target.
With all the talk about social networks – the inherent safety issues of “going public,” the politics that won’t help, and the sneaky buggers taking advantage of the situation, we’ve forgotten to take a step back and see what might be headed this way so we can prepare.
You have so much in your face, but what’s next? Well, think about all those public profiles – a great way to develop dossiers. Add the fact that there are groups of like-kind thinkers/feelers banding together for social interaction. Throw in malicious code writers ramping up targeted attacks.
I say it’s a recipe for a big headache.
A new study suggests the same.
Just a few years back, malicious code writers were meeting in stealthy IRC chat rooms, exchanging ideas on obscure forums, and doing their thing just for fun (and notoriety). Now, it is a money game, and in business you need efficiencies.
Couldn’t think of anything better to drive down time to market in the software game than going open source, and that is exactly what malware technicians are doing. They are leveraging tools like CVS to share code, and it wouldn’t surprise me if CVS and Subversion repositories start popping up all over the place. But how will we know when that happens?
There are now malware search engines as well.
When you think of blue pills, you imagine TV ads by politicians, people who are bored with their partners, and people who can’t get enough of their partners. You might also think of a lot of spam, due primarily to the previous points. However, you’d likely never think a “blue pill” could hide malware, completely undetectable, on your Windows computer, but that is exactly what a researcher in Singapore has devised. I suspect the name was an afterthought.
I’d say it’s good to know that such things are possible ahead of time, so someone can devise a way of detecting the undetectable (always happens). I’d also say I’m feeling pretty comfy sitting at my desk right now – with one computer running OS X and the other running Fedora Core.
Despite all the “altruistic” services warning people of dangerous websites (via paid clients, of course), Jose Nazario has found one that just won’t die. Note: various contributors are “ready to take action.” I’d personally love to hear why action has been so absent for so long.
Compliments of Sophos (pdf).
I love the introduction, where they say the whole thing about rumored slowing of threats (which never seems to happen). Of course, take all reports of growing threats from security companies with a grain of salt – the same dose of incredulity you would apply to an operating system company saying their software is safe and sound will do just fine.