General12.10.2009

Poisoned webpages threaten social networks

Twitter, Digg and Other Social Networks Threatened by Malicious Web Pages Hiding Behind Shortened URLs; LinkScanner Detects

The popular practice of embedding shortened URL into Twitter tweets, Digg posts and other social networking communications is being threatened by hackers who use the anonymity of these URLs to hide poisoned web pages.  AVG LinkScanner® is the only security tool available today that can detect the presence of these poisoned web pages, because it tests the destination of each URL link in real time and does not rely upon blacklists that become outdated as soon as they’re created due to the ever-shifting locations where the bad guys hide.

“The problem with shortened links is that they usually don’t bear any resemblance to the original URLs, which means that users don’t always know what they’re clicking. People click with the intention of going to a specific site, but the link can be easily hacked to send people to a site containing Trojans, spyware, rootkits and other malware instead,” said Roger Thompson, chief research officer at AVG Technologies.

Link shortening services have become popular tools to fit URLs within the 140-word Twitter limit. There are now more than a dozen URL shortening services available, with some built right into Twitter clients and other social networking tools.

Poisoned web pages are the latest way that hackers and spammers deposit malware onto computers in order to steal passwords or recruit computers into botnets. Computers users can get infected simply by clicking on a link, viewing an image, or sometimes just hovering their mouse over a banner. To avoid being caught, the bad guys typically infect a specific web page for less than 24 hours before moving on.

“LinkScanner is the only security tool that can detect the presence of poisoned pages hiding behind shortened URLS,” continued Thompson. “Only LinkScanner can stop people from clicking before it’s too late.”

Sign up to the MyBroadband newsletter