Cyber-criminals Exploiting Shortened URLs for Malware Distribution

According to the researchers at Trend Micro, a security firm, cyber-criminals are sending shortened URLs for the purpose of distributing malicious programs, not for announcing any good news.

URL-shortening systems are known to be utilized for shortening lengthy and illegible URLs into small sized ones. Such URLs are easier to handle and bear a greater preference compared to the usually lengthy URLs. With them, a user can exchange news and information across networks with the help of personal blogs, websites, tweets as well as other tools for social media.

Researchers at Trend Micro have outlined twin instances of shortened URLs of malicious nature that are being distributed through MSN and Yahoo! Instant Messaging.
The researchers say that the con artists appear to be using an altered strategy. Actually, there may be dual consequences of shortened URLs. First, anti-virus agencies may find it more difficult to block short malicious URLs since that would require more time towards reaching onto the final Web-link. Secondly, cyber-criminals can use a URL-shortening feature to deceptively get users to hit onto a suspicious Web-link.

In the current instance of malicious URLs that Trend Micro has outlined, when users hit on them, they download a piece of malware onto their computers. The Company has identified this piece of malicious program as WORM_BUZUS.AG.

The notorious worm drops its own copies onto folders shared on P2P networks, with the copies given catchy file names. Also, the copies are dropped on every removable drive. Additionally, Buzus installs a file named AUTORUN.INF that runs installed copies automatically whenever a user accesses the drives. It also executes flood attacks on select websites.

Hence, as these dangers loom, security experts urge computer users to consider WORM_BUZUS.AG as an actual risk to their systems.

Consequently, they must eliminate it immediately on identification either manually alternatively via a suitable malware removal product. Further, for averting any future contamination, users must maintain their Windows operating system, load each and every essential security patch as well as keep their firewalls enabled. Finally, they must exercise caution while handling any shortened URL across an IM (instant messaging) tool.

Related article: Cyber Child abuser Sentenced To Imprisonment

» SPAMfighter News - 4/17/2010