TinyURL Being Used to Bypass Safe Browsing Filters in Firefox, Chrome

Mon, Jan 26th, 2009

TinyURL, one of the most popular URL-shortening services (although not our favorite) is now being used by cybercriminals to redirect web surfers to pages that contain viruses, trojans, and other sorts of malware. According to Finjan's Malicious Code Research Center, these criminals are using the service to avoid having their web sites flagged by the Safe Browsing mechanisms built in to modern web browsers like Mozilla Firefox and Google Chrome.

Both web browsers employ Google Safe Browsing, a feature which warns users about phishing sites and other malware. Yet bypassing this filter within your browser is easy to do, apparently. All that's necessary is for a cybercriminal to create a TinyURL that hides the original, malicious URL. Then, instead of getting the warning message "Reported Attack Site!", unsuspecting web surfers will be sent directly to the dangerous web page when clicking the link.

Share with friends if you like this page:
No comments yet.