URL Shortener Services Distribute Malware

URL shorteners such as Owly (OW.LY), Twitter (T.CO) and Bitly (BIT.LY) allow hackers to mask their behavior and a recent report from security company eset identified some specific attacks they are seeing including malicious iOS calendar invites and Android malware.

While there are a lot of reasons that people use URL shorteners including Twitter’s character limits and making URLS look prettier that are benign and monitizing and tracking your actions (mostly benign), there are attacks in the wild that use these obfuscated URLs to launch attacks.

Companies should train their employees to be wary of such URLs and users should ask their IT department if they have a question about a specific link. There are tools available for free on the web that expand the URL safely and some even provide a safety rating of the destination web site. In addition, we recommend companies use DNS filtering software (contact us about this) as one layer of protection.

If you have questions about this, feel free to contact us.

For more information, see this eset blog post. Normally, I would obfuscate the URL behind a link, but in this case, here is the actual URL: https://www.welivesecurity.com/2021/07/20/url-shortener-services-android-malware-banking-sms-trojans/?web_view=true . These long, complicated URLs are one reason why people use URL shorteners. Just copy and paste this URL into your browser.

Unfortunately, hackers use of this means that “we can’t have nice things”. 🙂