Google blocks Bit.ly: Chrome and Firefox affected

Bitly is a popular URL shortening service that is widely used and, according to Alexa, one of the top 4000 websites in the world. It can be used by anyone to turn any link into a shorter version that looks similar to this one: http://bit.ly/1dNVPAW
If you have tried to open the main Bitly website recently or clicked on a link that was shortened by others using the service you may have received a notification in your browser that access to the website has been blocked.
Google Chrome notifies you that "the site ahead contains malware", while Firefox states that the site is a "reported attack page".
Both Google Chrome and Firefox use Google's Safe Browsing service to determine whether a site is safe to visit or not.
If you check Google's Safe Browsing page for the service, you get the following information:
- The site is listed as suspicious because part of it was listed for suspicious activity in the past 90 days.
- 669 of the 91854 pages that Google crawled resulted in "malicious software being downloaded and installed without user consent".
- Malicious software included trojans and exploits, with successful infections resulting in an average "of three new processes on the target machine".
It is clear that the service itself is not distributing malicious software directly, but that other sites it redirects to are. Since it can be used by anyone to create a new redirection link, it is easy to abuse it for this kind of attack.
All that is left to be done then is to distribute those links on the Internet to lure users into the trap.
It is possible to visit the site anyway in both browsers. Here is how that is done.
Chrome
- When you get the "the site ahead contains malware" warning, click on the Details link on that page.
- Here you need to click on the "visit this unsafe site" link to visit the site in question.
Firefox
- Firefox displays an "ignore this warning" link on the warning page which you need to click on.
Bypassing the warning can put your computer at risk. It is highly recommended to have some form of protection in place, including up-to-date antivirus software and browser-specific security extensions such as NoScript, to block this kind of attack from affecting your computer.
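Because a shortened link hides where it redirects to, the chain can be inspected before anything is opened in a browser. The following is an added example, not code from the original article: it follows redirects one hop at a time using HEAD requests (no page body is downloaded or rendered) and stops before contacting any host on a local blocklist. The function names, the blocklist and the `.example` sample data are assumptions constructed for illustration.

```python
import http.client
from urllib.parse import urljoin, urlsplit

REDIRECT_CODES = {301, 302, 303, 307, 308}

def head_request(url, timeout=5):
    """Real fetcher: send one HEAD request, return (status, Location or None)."""
    parts = urlsplit(url)
    cls = (http.client.HTTPSConnection if parts.scheme == "https"
           else http.client.HTTPConnection)
    conn = cls(parts.netloc, timeout=timeout)
    try:
        path = (parts.path or "/") + ("?" + parts.query if parts.query else "")
        conn.request("HEAD", path)
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()

def expand(url, fetch=head_request, blocklist=frozenset(), max_hops=10):
    """Return (chain, verdict) for a short link without loading any page body."""
    chain, seen = [url], {url}
    for _ in range(max_hops):
        parts = urlsplit(url)
        if parts.scheme not in ("http", "https"):
            return chain, "non-http scheme"
        host = (parts.hostname or "").lower()
        if host in blocklist:          # checked before the host is contacted
            return chain, "blocked: " + host
        status, location = fetch(url)
        if status not in REDIRECT_CODES or not location:
            return chain, "resolved"
        url = urljoin(url, location)   # Location may be relative
        if url in seen:
            return chain + [url], "redirect loop"
        seen.add(url)
        chain.append(url)
    return chain, "too many hops"

# Constructed sample responses so the example runs offline.
SAMPLE = {
    "http://short.example/abc": (301, "http://hop.example/r?id=1"),
    "http://hop.example/r?id=1": (302, "/landing"),
    "http://hop.example/landing": (302, "http://bad.example/payload"),
    "http://a.example/": (302, "http://b.example/"),
    "http://b.example/": (302, "http://a.example/"),
}

def fake_fetch(url):
    return SAMPLE.get(url, (200, None))
```

With the default `head_request` fetcher, every host that is not blocklisted still receives one HEAD request, so the servers in the chain do see the lookup.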

Strange, when trying bit.ly I can access the site without issues. When trying your link above, I am not getting any error messages at all but instead end up on the google main search page.
Thank you for your answer. You indicate that “It is highly recommended to have some form of protection in place including up to date antivirus software but also browser specific security extensions such as NoScript to block these kind of attacks from affecting your computer”. Could you indicate to me how to install such a protection (NoScript or another) in the Web page I am developing with Wix?
NoScript is an add-on for Firefox that you install in the browser. It is enabled automatically after installation.
Thanks
Why doesn’t Google just reveal the link it’s pointing to instead of blocking it outright? Sometimes Google is dumb.
This won’t cure everything but it sure helps prevent some. I usually don’t like google’s policy but in this case I support them, either bit.ly adapt some kind of malware detection to prevent people from shortening malicious url or just be forgotten after this.
Blocking those shortened URLs won’t cure anything, but will simply provide a way for ppl to create more dangerous links that are unstoppable. You close one door, ten doors open….that’s how life is
Firefox is not blocking https://bitly.com/
also working fine on Chrome Beta android
I got this warning after clicking on one of Facebook’s fb.me short url too.
My HOSTS file, which I use as a blacklist managed by HostsMan, has always had bit.ly included by at least one of the seven sources I use.
TinyURL has always been my url shortener choice. What I mean is that bit.ly has raised at least suspicion for some time now. The fact that Google decides to categorize the domain is relevant of enough consistency in the volume of craps transiting via bit.ly to take such a decision.
Whatever the url shortener best advised to always check the shortened url with a url unshortener such as LongURL …
I hate these url shortener services, that’s the reason I use a script from greasefork to reveal the original link behind the services. Works also on twitter and one click hosters. The reason is that some people think it’s fun to link behind malware sites.
Whatever happened to this old myth?
“There are potential issues with the bit.ly domain since it is controlled by the Libyan government, which has previously removed domains deemed incompatible with Muslim principles.”
The company changed to bitly.com; however, all shortened URLs with bitly still show as bit.ly. If the myth is true, isn’t it somewhat odd to send traffic through a Libyan based server?
The .ly top level domain (TLD) belongs to Libya, but the web hosting itself can be anywhere. Seeing as the Libyan government once complained about a website using a .ly TLD that contained information about breast cancer, and got its domain name registration canceled, I don’t think using a .ly TLD is a good idea, nor did Bitly, since it changed its main domain name. As for Bitly being a “Libyan based server,” it isn’t.
“… all shortened URLs with bitly still show as bit.ly. If the myth is true, isn’t it somewhat odd to send traffic through a Libyan based server?”
Domain hosting doesn’t work like that. Any domain name can be hosted anywhere it is allowed. The country, or organization type, associated with a top level domain was intended for informational use only. Due to the nature of marketing, companies buy domain names that they think are cool. A lot of television networks buy .tv domains. That doesn’t mean their web site is located on the island of Tuvalu (this is real). You can buy yourself a .gov domain, where the name is available. That doesn’t mean you run a government agency.
You can deobfuscate/expand bit.ly and goo.gl URLs without actually visiting them by using the service LongURL.org.
I think the block has just been removed, as bitly links on our site are working again.
What about other url shortening services and redirecting sites? I could tell a ton of much worse redirection sites than bitly.
I think it’s not fair.
Google Short Link Service goo.gl is also being blocked, I use it on feed burner and its showing the same pages as bitly links when clicking on them. Here’s the photo http://oi58.tinypic.com/15dasti.jpg
https://www.google.com/safebrowsing/diagnostic?site=google.com
Perhaps Google should block itself as well, just to be on the safe side…
I have goo.gl (Google’s url shortener) blacklisted on my HOSTS file! but for privacy concerns of course, not for malware implications.
Ah, the power of Google…