Twitter starts filtering malicious URLs
One of the most popular activities on the microblogging service Twitter is sharing links. However, this activity is also one of the most dangerous, too. Ever since Twitter gained in popularity, hackers and spammers have been using the service to direct traffic to their unsavory web sites. For the end user, clicking on those bad links could result in, at best, an annoyance as they’re directed to some spammy web site or, at worst, a full-on malware attack on their PC.
Today, it appears that Twitter is starting to do something about the problem. According to security firm f-secure, Twitter is now blocking malicious URLs from being posted to their service.
With the new malicious URL protection built into Twitter, you’re no longer able to posts links to known malicious web sites. If you try to do so, you’ll receive a message reading: “Oops! Your tweet contained a URL to a known malware site!”
Since the company has not made any official announcement about the new protection, it’s unknown at this time if Twitter is using a particular service to provide the lookup capabilities for the malicious URL identification or if they are managing this process in-house. If we had to bet, though, we would go with the former. Maintaining a current “block list” for malicious web sites would be a major undertaking for the startup. It’s more likely they’ve partnered with a security company of some sort to provide this service or are using a publicly available API, such as Google’s Safe Browsing API, which checks URLs against Google’s blacklist.
The need for this type of protection on Twitter is more than apparent. As of late, the service has been overrun by those wanting to use it for their own nefarious purposes. Besides just getting their links posted to Twitter itself, hackers have managed to get their malware links into Twitter’s trending topics, too. There have also been instances where the Twitter accounts of high-profile users, like Guy Kawasaki for instance, have been hacked and have then been used to push malware links out to that person’s unsuspecting followers