Google blocks Chrome and Firefox affected

Bitly is a popular url shortening service that is widely used and according to Alexa one of the top 4000 websites in the world. It can be used by anyone to turn any link into a shorter version that looks similar to this one:

If you have tried to open the main Bitly website recently or clicked on a link that was shortened by others using the service you may have received a notification in your browser that access to the website has been blocked.

Google Chrome notifies you that "the site ahead contains malware" while Firefox that the site is a "reported attack page".

Both Google Chrome and Firefox use Google's Safe Browsing service to determine whether a site is safe to visit or not.

If you check Google's Safe Browsing page for the service, you get the following information:

  1. The site is listed as suspicious as part of it was listed for suspicious activity in the past 90 day period.
  2. 669 of the 91854 pages that Google crawled resulted in "malicious software being downloaded and installed without user consent".
  3. Malicious software included trojans and exploits, with successful infections resulting in an average "of three new processes on the target machine".

It is clear that the service itself is not distributing malicious software directly but that other sites it redirects to are. Since it can be used by anyone to create a new redirection link, it is easy to abuse it for these kind of attacks.

All that is left to be done then is to distribute those links on the Internet to lure users into the trap.

Read also:  Punycode Phishing Attack fools even die-hard Internet veterans

It is possible to visit the site anyway in both browsers. Here is how that is done..


chrome bitly malware

  • When you get the "the site head contains malware" warning click on the Details link on that page.
  • Here you need to click on "visit this unsafe site" link to visit the site in question.


firefox bitly warning

  • Firefox displays a "ignore this warning" link on the warning page which you need to click on.

Bypassing the warning can put your computer at risk. It is highly recommended to have some form of protection in place including up to date antivirus software but also browser specific security extensions such as NoScript to block these kind of attacks from affecting your computer.

Article Name
Google blocks as malicious: Chrome and Firefox affected
Google is blocking the url shortening service right now. Browsers such as Firefox or Google Chrome display warning pages to users who try to open any bitly url in the browser.
Please share this article


Responses to Google blocks Chrome and Firefox affected

  1. Andrew October 25, 2014 at 2:08 pm #

    Ah, the power of Google...

  2. Chris Granger October 25, 2014 at 2:18 pm #

    Perhaps Google should block itself as well, just to be on the safe side...

    • Tom Hawack October 25, 2014 at 5:55 pm #

      I have (Google's url shortener) blacklisted on my HOSTS file! but for privacy concerns of course, not for malware implications.

  3. Ken October 25, 2014 at 2:37 pm #

    Google Short Link Service is also being blocked, I use it on feed burner and its showing the same pages as bitly links when clicking on them. Here's the photo

  4. anohana October 25, 2014 at 3:16 pm #

    What about other url shortening services and redirecting sites? I could tell a ton of much worse redirection sites than bitly.
    I think it's not fair.

  5. Alex October 25, 2014 at 4:11 pm #

    I think the block has just been removed
    as bitly links on our site are working again

  6. H745 October 25, 2014 at 4:13 pm #

    You can deobfuscate/expand and URLs without actually visiting them by using the service

  7. jasray October 25, 2014 at 4:34 pm #

    Whatever happened to this old myth?

    "There are potential issues with the domain since it is controlled by the Libyan government, which has previously removed domains deemed incompatible with Muslim principles."

    The company changed to; however, all shortened URLs with bitly still show as If the myth is true, isn't somewhat odd to send traffic through a Libyan based server?

    • Bob Sireno October 25, 2014 at 5:34 pm #

      "... all shortened URLs with bitly still show as If the myth is true, isn't somewhat odd to send traffic through a Libyan based server?"

      Domain hosting doesn't work like that. Any domain name can be hosted anywhere it is allowed. The country, or organization type, associated with a top level domain was intended for informational use only. Due to the nature of marketing, companies buy domain names that they think are cool. A lot of television networks buy .tv domains. That doesn't mean their web site is loacated on the island of Tuvalu (this is real). You can buy yourself a .gov domain, where the name is available. That doesn't mean you run a government agency.

    • Doc October 26, 2014 at 3:24 am #

      The .ly top level domain (TLD) belongs to Libya, but the web hosting itself can be anywhere. Seeing as the Libyan government once complained about a website using a .ly TLD that contained information about breast cancer, and got its domain name registration canceled, I don't think using a .ly TLD is a good idea, nor did Bitly, since it changed its main domain name. As for Bitly being a "Libyan based server," it isn't.

  8. CHEF-KOCH October 25, 2014 at 4:40 pm #

    I hate these url shortener services, that's the reason I use a script from greasefork to reveal the original link behind the services. Works also on twitter and one click hosters. The reason is that some poeple think it's fun to link behind malware sites.

  9. Tom Hawack October 25, 2014 at 5:53 pm #

    My HOSTS file, which I use as a blacklist managed by HostsMan, has always had included by at least one of the seven sources I use.
    TinyURL has always been my url shortener choice. What I mean is that has raised at least suspicion for some time now. The fact that Google decides to categorize the domain is relevant of enough consistency in the volume of craps transiting via to take such a decision.
    Whatever the url shortener best advised to always check the shortened url with a url unshortener such as LongURL ...

  10. John B October 25, 2014 at 7:22 pm #

    I got this warning after clicking on one of Facebook's short url too.

  11. Dwight Stegall October 25, 2014 at 7:49 pm #

    Firefox is not blocking

    • IowaMan October 26, 2014 at 12:41 am #

      also working fine on Chrome Beta android

  12. Andrew October 26, 2014 at 8:21 am #

    Blocking those shortened URL won't cure anything, but will simply provide a way for ppl to create more dangerous links that's unstoppable. You close one door, ten doors open....that's how life is

  13. anon October 26, 2014 at 8:29 am #

    This won't cure everything but it sure help prevent some. I usually don't like google's policy but in this case I support them, either adapt some kind of malware detection to prevent people from shortening malicious url or just be forgotten after this.

  14. Guest October 26, 2014 at 4:50 pm #

    Why doesn't Google just reveal the link it's pointing to instead of blocking it outright? Sometimes Google is dumb.

  15. Gustavo Salcedo Luna October 26, 2014 at 6:39 pm #

    Thank you for your answer. You indicate that "It is highly recommended to have some form of protection in place including up to date antivirus software but also browser specific security extensions such as NoScript to block these kind of attacks from affecting your computer". could you indicate me how to install such a protection ( NoScript or another) in the Web page I am developing with Wix.?

    • Martin Brinkmann October 26, 2014 at 8:50 pm #

      NoScript is an add-on for Firefox that you install in the browser. It is enabled automatically after installation.

      • Gustavo Salcedo Luna October 27, 2014 at 12:05 am #


  16. tom October 27, 2014 at 3:02 am #

    Strange, when trying I can access the site without issues. When trying you link above, I am not getting any error messages at all but instead end up on the google main search page.

Leave a Reply