Zscaler Blog

Erhalten Sie die neuesten Zscaler Blog-Updates in Ihrem Posteingang

Abonnieren
Another 1.5 Million Twitter Links Scanned
Security Research

Another 1.5 Million Twitter Links Scanned

image
JULIEN SOBRIER
October 28, 2010 - 2 Lesezeit: Min

In March 2010, I analyzed about 1 million links taken from public tweets on Twitter. I showed that the number of malicious links was less than 1%.

I have scanned another 1.5 million links in the past 3 months from Twitter public time line (1,587,824 exactly). I analyzed these URLs and the server content to find how many of them lead to malicious pages by running them through the Zscaler cloud.

Before I go into the details, I'd like to make a few points:

  • links were taken over several months, but they were analyzed immediately
  • I gathered links from the public time line. Results for direct messages might be different
  • the links may not be intentionally malicious, the page could have been compromised


The state of the Twitter links

 

 

Image
Top-10 domains in Twitter URLs

 

 

 


Bit.ly is still the leader in number of URLs on Twitter at 33% of all URLs, compared to only 5% for the number 2 spot (twitpic.com)! However, its market share has decreased, mainly because of the arrival of new URL shortener services from big names. Google, for example, arrives in the the top-10 domains with goo.gl, a service only available since December 2009. If we add youtube.com and youtu.be, Google represents 5% of all URLs.

Other social services are becoming more and more popular links in tweets: 4square (4sq.com) is #10, Facebook (fb.me) is #13

But the hierarchy of domains stays pretty much the same as in March, overall.

How many malicious links?

Like the previous analysis, I looked for phishing sites, malware, browser exploits, etc., but not spam.

The results are the same as previous: 0.07% (1149 links) of all links are dangerous.

 

 

Image
Distribution of threats by type

 

 

 

The distribution of malicious sites per domains is mainly the same as the total number of links per domain:
 

Image
Distribution of malicious sites per domain
 

twitthis.com has a high percentage of malicious links mostly due to hijacked Wordpress installations serving malware. As reported last time, mediafire.com is known to host malicious content. Some URLs shorteners like youtu.be and 4sq.com create short links for one domain only (youtube.com and foursquare.com), so they are never malicious.


This shows once again that the number of malicious links in public tweets is very low. Users should pay more attention to direct messages (private tweets), but overall they should feel safe using Twitter.

-- Julien

form submtited
Danke fürs Lesen

War dieser Beitrag nützlich?

Haftungsausschluss: Dieser Blog-Beitrag wurde von Zscaler ausschließlich zu Informationszwecken erstellt und wird ohne jegliche Garantie für Richtigkeit, Vollständigkeit oder Zuverlässigkeit zur Verfügung gestellt. Zscaler übernimmt keine Verantwortung für etwaige Fehler oder Auslassungen oder für Handlungen, die auf der Grundlage der bereitgestellten Informationen vorgenommen werden. Alle in diesem Blog-Beitrag verlinkten Websites oder Ressourcen Dritter werden nur zu Ihrer Information zur Verfügung gestellt, und Zscaler ist nicht für deren Inhalte oder Datenschutzmaßnahmen verantwortlich. Alle Inhalte können ohne vorherige Ankündigung geändert werden. Mit dem Zugriff auf diesen Blog-Beitrag erklären Sie sich mit diesen Bedingungen einverstanden und nehmen zur Kenntnis, dass es in Ihrer Verantwortung liegt, die Informationen zu überprüfen und in einer Ihren Bedürfnissen angemessenen Weise zu nutzen.

Erhalten Sie die neuesten Zscaler Blog-Updates in Ihrem Posteingang

Mit dem Absenden des Formulars stimmen Sie unserer Datenschutzrichtlinie zu.