Yeaaaaaaaaaah
 
Home » News Stories » A Short Lesson in URL Hacking

News Stories

Job Search

Events

Back to News »

A Short Lesson in URL Hacking


Share this:
digg it  | kickit | Email it | del.icio.us | reddit | liveIt
Subscribe to IrishDev News RSS Add to Google
CategoryBusiness
DateTuesday, June 16, 2009
Author

A Short Lesson in URL Hacking

Security Firm Sophos Report on How A Blogger  Gets Over 2.2million Hits After Popular URL Shortening Service is Hacked

 

 

Kevin Sablan received over 2.2million hits to his website as URL shortening service Cligs is hackedExperts at IT security and control firm Sophos are advising computer users to be wary of shortened URLs like TinyURL, bit.ly and is.gd as they have increasingly become part of many computer users' everyday lives with the surge in popularity of micro-blogging websites like Twitter.

 

 

 

The warning follows news that Cligs, recently ranked as the fourth most popular URL shortening service on Twitter, has been hacked and on Sunday was redirecting millions of cli.gs links to a story about Twitter hashtags by blogger Kevin Sablan (pictured above) of the Orange County Register.

 

 

Sablan noticed the unexpected rise in traffic on Monday morning and has subsequently blogged about the experience of having 2.2 million links temporarily pointing to his blog post. A statement on the Cligs website suggests that a security vulnerability in its edit functionality allowed a malicious hacker to change the destination of millions of shortened URLs. The company also admitted that it hasn't been getting daily backups since early May.

 

 

Graham Cluley, senior technology consultant at Sophos said, "While Cligs is nowhere near as popular as the likes of TinyURL, it is still used by a substantial number of people, so you can imagine the disruption that can be caused if links no longer go where they are supposed to. These services are becoming indispensable with more and more people using Twitter and needing to make their point in 140 characters or less, and this is not the first time we have seen spammers and hackers abusing these systems.


"While it's not clear what the intentions of the fraudsters were in this case, they could have easily redirected millions of shortened URLS to a website hosting malware," Cluley continued.

 

 

While these services should be making their systems as secure as possible, similar incidents are likely to happen again.  and so it's important that computer users don't automatically trust links on websites like Twitter. Sophos recommends users consider running a plug-in that will expand links before clicking on them.

 

 

 

People reading this article also read....

More Sophos News on IrishDev.com

 

More Virus News on IrishDev.com

 

More Security News on IrishDev.com

 

More Twitter News on IrishDev.com

 

Renaissance - Sophos Distributor in Ireland

 

See Web Scalability Feature Friday Article on IrishDev.com

 

 


 

Get Instant Updates....

Join IrishDev.com on Facebook and Twitter

 

 

 


Got a Story – Share it with the Irish Software Community – Email us at

Back to News »
digg it  | kickit | Email it | del.icio.us | reddit | liveIt | RSS
E-mail