Google Chrome and Firefox both use Google's Safe Browsing service in order to determine if a site is safe or not. Recently, the service has listed the bit.ly site for suspicious activity. Within a span of 90 days, bit.ly has been listed 31 times by the service.
The Google Safe Browsing service is provided by the search giant to browsers such as Chrome and Firefox. What it does is that it highlights URLs which it suspects to have phishing or malware content. It now says that Bitlinks are no longer blocked. Moreover, there are no data or bitlinks that were compromised.
Google discussed extensively on what it has discovered after visiting the site.
"Of the 92037 pages we tested on the site over the past 90 days, 728 pages resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2014-10-26, and the last time suspicious content was found on this site was on 2014-10-26," says Google.
In addition to this, Google also mentioned that it discovered malicious software such as 152 scripting exploits, 188 exploits and 199 trojans. The malware's successful infection led to an average of 3 new processes on the machine that it has targeted.
Based on this information, it shows that the service itself does not directly distribute malicious software. Instead, the redirected sites of the service are the ones that do the job. This allows anyone to create a new redirection link which can be easily abused for the purpose of an attack.
There are 371 domains that have hosted the malicious software. These would include denotablin.com, likoj.net and hotclip.mobi.
Users of Chrome are notified of an attack when they read the words 'the site ahead contains malware.' Likewise, users of Firefox are also notified when the site tells them 'reported attack page.'
When Chrome users see the notification, the next thing that they can do is to click on the Details link that is shown on the page. Afterwards, they need to click on the link that says 'visit this unsafe site' link in order to see the site that is being questioned.
For users of Firefox, they need to click the link that says 'ignore this warning.'
It's important not to bypass the warning since doing so could place the PC at risk. It is therefore recommended that users have their PC protected. One way is to install an antivirus software which should always be up to date. It's also helpful to use browser specific security extensions to block these harmful attacks on the PC.
